From b544d5a8c591a7c924ddbc74765726839ec70d01 Mon Sep 17 00:00:00 2001
From: shamoon <4887959+shamoon@users.noreply.github.com>
Date: Tue, 7 May 2024 09:18:25 -0700
Subject: [PATCH] Security: Disable eval in pdfjs

Closes https://github.com/paperless-ngx/paperless-ngx/security/dependabot/181 see https://github.com/advisories/GHSA-wgrm-67xf-hhpq
---
 .../src/app/components/common/pdf-viewer/pdf-viewer.component.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts b/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
index 274b06032..4fc55429a 100644
--- a/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
+++ b/src-ui/src/app/components/common/pdf-viewer/pdf-viewer.component.ts
@@ -35,6 +35,7 @@ import type {
 import { PDFSinglePageViewer } from 'pdfjs-dist/web/pdf_viewer'
 
 PDFJS['verbosity'] = PDFJS.VerbosityLevel.ERRORS
+PDFJS['isEvalSupported'] = false
 
 export enum RenderTextMode {
   DISABLED,