Show HN: Tetris in a PDF

I realized that the PDF engines of modern desktop browsers (PDFium and PDF.js) support JavaScript with enough I/O primitives to make a basic game like Tetris.

It was a bit tricky to find a union of features that work in both engines, but in the end it turns out that showing/hiding annotation "fields" works well to make monochrome pixels, and keyboard input can be achieved by typing in a text input box.

All in all it's quite janky but a nice reminder of how general purpose PDF scripting can be. The linked PDF is all ASCII so you can just open it in a text editor, or have a look at the source code here: https://github.com/ThomasRinsma/pdftris/blob/main/gengrid.py

th0mas.nl

1144 points

ThomasRinsma

2 days ago

220 comments

weinzierl 14 hours ago

It's hard to overstate the ingenuity that went into this!

Despite what people say in the comments here, both browsers really do not let you execute PDF JavaScript willy nilly. Outside of browser environments you are mostly safe anyway because JavaScript is rarely supported, with the big exception being Acrobat. The cleverness of pdftris is not so much Tetris in PDF but how it found its way around the restrictions that browser environments have put up to protect us.

From what I understand pdftris also only works because of user interaction. I think there is no way to run JavaScript in a PDF without user interaction.

  • brumar 11 hours ago

    You can manipulate form fields at anytime, and setInterval is provided so you can have things that run in an infinite loop. But yeah, as a first approximation, the only things js in pdf can do is mutate form fields and react to events related to form fields, unless your pdf reader is acrobat and that's something else entirely.

    • weinzierl 8 hours ago

      My point is that nothing runs without at least one initial user interaction - which makes a big difference for security.

      I believe this is even true for Acrobat with default settings, because while you can trigger JavaScript when a document is opened (/OpenAction) Acrobat will ask for permission.

      • brumar 6 hours ago
        2 more

        I think I got your point but might have expressed myself badly. The pdf can run js and messes with the display right at opening time, without any warning or ask for permission.

        • weinzierl 6 hours ago

          Exactly, thanks for the clarification.

freedomben a day ago

You glorious bastard, what a cool project! This is already a contender for most hacker project of the year :-)

(below is not serious)

I would advise people against using this in production though because it's still missing some critical features. For example:

1. The Javascript stops working when printed to physical paper. The resulting paper just has a static image and the controls no longer work.

2. It doesn't work properly in Evince. It just shows an error "The document contains only empty pages"

  • nadis a day ago

    "The Javascript stops working when printed to physical paper. The resulting paper just has a static image and the controls no longer work."

    -- this comment made my me laugh/choke on my coffee and I have no regrets.

    • ikari_pl a day ago

      You must have never browsed IT support tickets. Oh the horrors...

      • nadis a day ago

        Internally laughing and crying at the same time. "Oh the horrors..." is exactly right.

      • VagabundoP 18 hours ago

        "Its broke"

        What's broke? How is it broke. Why send a one liner?!?

        So many questions.

  • debo_ a day ago

    I feel stupid for not getting the joke. It would have been nice if you explained it in the ... postscript.

    (Yes this is a joke)

    • dmd a day ago

      Just don't try to do this in any less powerful display languages, or you'll really be in a PCL.

  • martinflack a day ago

    > 1. The Javascript stops working when printed to physical paper.

    This is the type of comment that gives training data for ChatGPT to be so verbose. Ha!

  • woodrowbarlow a day ago

    i recently discovered that the Canadian government depends on this for some fillable forms, because it shows a message at the top that says "JavaScript is disabled" and all the boxes show errors. i couldn't get it to work on Linux and had to dust off a Windows machine (and it still didn't work in firefox, it needed acrobat reader).

    • AlexanderTheGr8 a day ago

      I have faced this exact problem with Canadian govt forms. Evince doesn't support them. They are so specific about only adobe acrobat to fill out the forms. I can open them in firefox but can't update them properly The only option is to use my barely hanging on 10-yr old windows machine.

      Let's hope that eventually they move on to a simpler web form.

      • pavon a day ago

        Okular supports javascript in PDFs and works with many fillable forms.

      • ikari_pl a day ago
        4 more

        Wait, did Acrobat actually end support for Linux? Od you just didn't want that particular machine to catch... capitalism?

        • necovek a day ago
          3 more

          There is no recent version of Acrobat Reader for Linux, and old (was it 5.x beta?) versions rarely work on modern distros.

          • ars 21 hours ago
            2 more

            Acrobat 9.5 works fine on Linux, if a little slow.

            This Tetris game makes it crash though.

            • necovek 10 hours ago

              Oh, thanks, that's good to hear!

              Edit: only now I see that's also from 2009 with updates into 2013. Do you where one can easily download the latest patched version?

  • necovek a day ago

    > The Javascript stops working when printed to physical paper. The resulting paper just has a static image and the controls no longer work.

    I believe you need to rescan it into PDF to get it to work again.

    • ycombinatrix a day ago

      It might be possible to set up some kind of pdf quine using e.g. a QR code

  • martin_a 19 hours ago

    Regarding #1: Your printer is just too slow. Try finding a printing company near you with a web feed machine, that should help with your FPS.

  • maurya_anand 14 hours ago

    "The Javascript stops working when printed to physical paper."

    You need to upgrade your paper that supports a minimum FR of 60hz.

    • 4ggr0 13 hours ago

      come on, it's 2025, we need 240hz (to play Tetris with 30FPS).

  • zknowledge a day ago

    hahaha I wish you almost didn't include the parenthesis. I've had some clients who would definitely email me that point #1.

  • inetknght a day ago

    > The Javascript stops working when printed to physical paper. The resulting paper just has a static image and the controls no longer work.

    Science fiction tells us this is only temporary. Print away, those papers will turn into magic in just a few decades!

    • LeonenTheDK a day ago

      Just wait until we get this on e-paper.

  • lisper a day ago

    > The Javascript stops working when printed to physical paper.

    It works for me. Maybe you need to upgrade your paper? What version are you using?

  • atoav 20 hours ago

    3. I open it on my phone and it doesn't work at all. And that is a new phone with a current browser.

  • dheera a day ago

    > Javascript

    Oh, so that's what it is. Bleh. Ok.

    I thought it was cooler and made use of the fact that PostScript is a Turing-complete language to write Tetris in PostScript.

    (I never really understood the PDF format but I always assumed it's some kind of compressed PostScript)

  • FpUser a day ago

    >"1. The Javascript stops working when printed to physical paper. The resulting paper just has a static image and the controls no longer work."

    Just wait until e-paper replaces the real one ;)

LetsGetTechnicl 15 hours ago

This is an affront against god. Good work.

efitz a day ago

This is amazing and terrifying (I am a security engineer and parsing complex document formats is a never-ending treasure trove of vulnerabilities).

  • enews01 12 hours ago

    Theres a malaysian movie where the main premise is a hacker who uses pdf executions to steal one cent from every persons bank account. Its pretty interesting.

    • brettermeier 6 hours ago

      Do you know the name of the movie?

  • wayvey a day ago

    The amount of attack surface in various format parsers is pretty stunning and terrifying indeed

  • mizzao a day ago

    The "code execution" in PDF parsing is what enabled this legendary zero-click, zero-day exploit of iOS devices: https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-i...

    • kccqzy a day ago

      That exploit is indeed legendary but the code execution involved is not JavaScript. In fact the iOS PDF renderer does not have JavaScript enabled.

      • saagarjha 21 hours ago

        Obviously a skill issue; a true hacker would re-enable it.

  • tashian a day ago

    AI agents run in isolated VMs, but PDFs have been out here running in the open for 30 years!

    • miohtama a day ago

      But can your PDF run an AI agent?

      • Swizec a day ago
        4 more

        > But can your PDF run an AI agent?

        Oh it's so much worse than that. Your font can run an AI agent.

        Llama.ttf: A font which is also an LLM -- https://news.ycombinator.com/item?id=40766791

      • hnlmorg a day ago
        3 more

        In my opinion the question isn’t so much “if” but rather “when”.

        When will AI research and hardware capabilities reach a point that it’s practical to embed something like that into a regular document?

        We’ve already seen proof of concept LLMs embedded into OpenType fonts.

        I guess the other question is then “what capabilities would these AI agents have?” You’d hope just permission to present within that document. But that depends entirely on what unpatched vulnerabilities are lurking (such as the Microsoft ANSI RCE also featured on the HN front page)

        • btown a day ago
          2 more

          For Chrome's PDF renderer, the runtime is V8, so we're literally one (hilarious) line of code away from this glorious future existing today:

          https://pdfium.googlesource.com/pdfium/+/refs/heads/main/fpd...

          > // Use interpreted JS only to avoid RWX pages in our address space. Also, --jitless implies --no-expose-wasm, which reduce exposure since no PDF should contain web assembly.

          > return "--jitless";

          • Thorrez a day ago

            You could write an LLM in plain JS, right?

      • freedomben a day ago

        Looking forward to a day when you may not have a powerful enough GPU to open a PDF

      • siva7 a day ago
        2 more

        The first widespread AI Malware will be a historic moment in this century. It will adapt like a real biological virus to its host and we have no cure for this.

        • saagarjha 21 hours ago

          We could unplug all the GPUs.

  • neuroelectron a day ago

    This isn't even the beginning of what's possible in PDFs.

bityard 2 days ago

Not just web browsers, Acrobat (and probably other PDF readers) have supported executing Javascript in PDFs for decades.

  • Aaron2222 a day ago

    Doesn't work in Preview unfortunately.

  • swyx 9 hours ago

    why??? for what possible secure white hat reason could you want to run js in pdfs??!? is nobody sane running the pdf org?

  • brumar a day ago

    This is even in the ISO standard now

  • unnouinceput a day ago

    I was joking in 2007, when I was working at Siemens, to my boss, that an Excel cell can contain God and the Multiverse when I put an ActiveX inside that was basically a program I made which would draw a 3D animation based on parameters contained on other cells. Let's say the boss was impressed though for me was just basic OLE.

    I see from time to time that younger generations reinvent/rediscover the wheel and I chuckle.

  • pimlottc a day ago

    Which makes sense, why would browsers randomly add JS to PDF if it wasn’t already part of the standard?

    • kzrdude a day ago

      What a nightmare that JS is a part of the PDF standard. I suppose that it's optional.

UniverseHacker a day ago

This is horrifying, PDFs should not be able to execute code.

  • tbraydn 21 hours ago

    A surprising number of things used to accept executable code.

    In Microsoft Windows (~2000/ME), you used to be able embed JavaScript and ActiveX into ANY folder by replacing the folder view with your own HTML. Your customization would persist on shared network folders so others would see your HTML.

    So naturally, a bunch of us 14 year olds in like 2002, between playing Runescape and Neopets in computer lab and library time, found this out and started screwing with the shared network Z: drive used by both teachers and students across every elementary, middle and high school in the school district.

    There were dumb things you could do with all that power like open people’s CD-ROM reader trays by abusing the Windows Media ActiveX control. It had an eject() method on the object.

    It ended up breaking in an edit war of the shared drive. There were some generic AD accounts used district-wide so you could avoid getting caught. We found out you could prefix the username with the domain and login with accounts from other schools. At one point, someone crossed the line, but I don’t think anyone got caught.

    • ta1243 17 hours ago

      You put the <img src="file://c:/con/con"> in right? Or had that been fixed by the DHTML era

      • slig 12 hours ago

        I used to place that as the home page of IE.

  • crazygringo a day ago

    Seriously, I hate it.

    I understand why it happened -- it made sense to allow PDF's to be used for form-filling, and once you can fill in forms it obviously makes sense to validate inputs, and to handle arbitrary validation complexity you need a scripting language, and obviously then you want to be able to automatically fill in fields based on other fields, or even produce a QR code so it can be printed and scanned... And they didn't want to create a new extension like ".ipdf" for interactive PDF.

    But still. I hate it.

  • fsckboy 21 hours ago

    >PDFs should not be able to execute code

    Postscript is code (it's a stack machine), and PDFs are Postscript

    • martin_a 19 hours ago

      > PDFs are Postscript

      PDFs have moved to native generation, due to the feature richness that has found its way into the specs.

      Nevertheless you can still write PS and feed it into a Distiller (or sth. alike) and render the output.

  • cess11 a day ago

    One should reject all PDF:s except /a-standards compliant ones.

    • belval a day ago

      Maybe if one enjoys endless conversations with unhappy customers. Easier to simply isolate the PDF rendering/parsing and move on.

      • silon42 20 hours ago

        A conversion tool would be useful.

    • martin_a 19 hours ago

      Let me tell you about the lord and savior of the printing industry, the PDF/X standard...

      • cess11 12 hours ago

        It allows external sources. I think even the ICC profile can sit outside the document, as well as stuff like video.

        I like the archivable series, the document comes with what is needed to render it.

btown 2 days ago

I, for one, was surprised that Chrome's PDF renderer would allow persistent JS code like this to run - not just limited code in response to user actions, but a real game loop.

But there's a spec for all this and everything! https://www.t10.org/ftp/js_api_reference.pdf (2007) - be warned, the light of Ecma TC39 standardization does not extend to this place.

Chromium's implementation of setInterval for instance (which, in this world, takes a string to evaluate): https://pdfium.googlesource.com/pdfium/+/refs/heads/main/fxj... -> https://pdfium.googlesource.com/pdfium/+/refs/heads/main/fxj...

From a security perspective, they're able to build on top of V8 isolate primitives and Chrome's sandboxing systems - but from the logs, security improvements in PDFium are being continuously developed as recently as the past few weeks! I feel like I've stumbled upon a parallel universe, in the best possible way.

chaps 2 days ago

They also support iframes! The absolute madness of PDFs is a world wonder. But I'm really still not sure we could do without them.

  • bityard a day ago

    Gzipped PostScript documents were fairly popular during the 90's and are functionally identical to PDFs for 99% of use cases. (PDF is essentially PostScript, but with more features.)

    • kccqzy a day ago

      For Gzipped PostScript, code execution is its raison d'être. But it is at least possible to build a PDF viewer without code execution.

    • necovek a day ago

      Well, both a simpler language more geared toward presentation, but also including more modern features designed for on-screen viewing.

kleiba 7 hours ago

A friend of mine once applied for a job with the local PT operator. For that, I finagled the PDF of his CV such that after a minute or so, one of the company's trains would drive over the page from left to right at the very bottom.

He never heard back from them.

toddm a day ago

This is really cool and fun!

I don't know much about the security issues others have raised, but if you're good enough to make this thing then I deserve to be pwned by you.

Chapeau!

rhokstar 12 hours ago

I would be surprised if Doom was playable in a PDF that was being read in a LCD screen of a thermometer.

  • brettermeier 6 hours ago

    You would or wouldn't be surprised?

illegalmemory 2 days ago

Not only web but majorly all OS pdf renderers support JS. It used to be a major source of malware long back.

  • autoexec a day ago

    PDFs are still used to delver malware. Adobe gets picked on less often now since everyone has PDF readers in the browser but that just makes chrome the new target of choice (not that alternative viewers don't get attention too https://thehackernews.com/2024/05/foxit-pdf-reader-flaw-expl...) but what I see most often in malicious PDF files recently are just links to websites that contain malware since they can work no matter what your viewer is.

alphabet9000 a day ago

amazing, i didn't know PDF supported javascript.

i've tried making "interactive" PDFs before but using POST and server side rendering rather than client, e.g. a PDF typewriter i made a little while back on http://news.coffee

weinzierl 2 days ago

"It was a bit tricky to find a union of features that work in both engines [..]"

I am curious what the constraints are to make this work and in which environments it does? Does it work in PDF viewers outside the browser? Is there documentation what is available in which environment? What is enabled by default, can be switched on or off?

  • ThomasRinsma 2 days ago

    I barely looked at Adobe Reader so not sure about that one, it definitely does not work with this PDF though, likely because it's not compliant in several ways. Besides that I wouldn't be surprised if it supports all the required JS APIs and more, just possibly behind some permission prompts.

    It might work in Foxit as I believe it supports some scripting. Most of the other native PDF renderers are more static, as far as I know. In either case, I was most interested in the browser-native engines, as I always thought of them as more "static"/limited.

    As for documentation on specific features: to be honest, I just looked at the implementations of PDF.js and PDFium. Both only support a subset of the "standard" API, likely for security reasons. But PDF.js for example allows changing a field's background color (colored pixels!), and PDFium allows modifying their position/bounding box (I tried a high res color display by moving a row vertically as if it's a scanline, but things become quite laggy).

    • throwaway86530 a day ago

      I got the same conclusions. Unless I misunderstood, Pdfium is based on Foxit so that should work. And as both pdf.js and pdfium decided to implement only a thin part of the adobe js sdk, then there are good chances that it works there too.

  • KeplerBoy a day ago

    I guess it should read intersection instead of union.

8mobile a day ago

playing Tetris on a pdf is the last thing I would have thought of. Kudos for the idea and implementation. To start a new game do I have to reload the pdf? Thanks

kvirani a day ago

Wow... It's only January. I'm so excited to see what you release in February and beyond!

ReneFroger 17 hours ago

I'm wondering if running Doom in PDF files might be achievable, or is that a step too far away?

  • vanderZwan 17 hours ago

    Probably in the domain of technically possible but good luck trying to get it to run fast enough and with little enough memory that the PDF engine doesn't crash.

amunozo 21 hours ago

Lol, I love it. Why didn't you include points multipliers when more than one line is filled though?

seany 2 days ago

This is great. Will probably give the fun police in r/k12sysadmin a heart attack.

krick a day ago

Ok, I kinda knew it was possible (I guess, anybody did), but this should be a very illustrative example. And unfortunately it doesn't seem like PDFs are gonna go away (though, really, why the hell there isn't any alternative?!) So it raises the question: is there any way to handle this garbage safely? I.e. in a way it couldn't run JS? I'm pretty sure it is not really necessary to read 99.999% PDFs out there.

  • BoingBoomTschak a day ago

    You can build mupdf with -javascript on Gentoo (I also bwrap it to hell, personally).

frizlab 2 days ago

Fortunately this does not work in Safari where the rendering is done natively.

  • p0w3n3d a day ago

    I like how you used "fortunately". For me too the most important in PDF is to print a good and accurate text and graphics (preferably vector graphics), which recently is not as easy as it would be possible

  • anothername12 2 days ago

    Does not even seem to be a valid PDF according to Preview.app

    • swiftcoder a day ago

      Preview implements a subset of the full capabilities of PDF, and in particular it does not implement the javascript interpreter.

random_i a day ago

Playable where?

It doesn't work in the Adobe Chrome PDF viewer, or in Preview.

  • icameron a day ago

    Sadly, Adobe Acrobat Viewer cannot load it, but if go to Chrome and choose Open.. That should use chrome PDF to display it in the browser (depending on your settings maybe) which worked for me.

  • grimgrin a day ago

    playable for me in firefox and chrome

  • TMWNN a day ago

    Works in Edge's PDF viewer, after exiting the initial mode via the <- in the upper left corner. (If you know how to avoid this being the default, let me know.)

ninalanyon 12 hours ago

I'm very pleased that this did not work in Firefox on Linux Mint. Unfortunately it does work in Vivaldi.

enews01 12 hours ago

Wow this was quite fun and impressive! Looks like it doesn't work on Firefox, I wonder why.

  • jancek27 12 hours ago

    Just played it on Firefox. Maybe we have different browser settings?

  • julian37 12 hours ago

    Works fine here (134.0 on macOS)

eximius a day ago

Interesting!

Something neat I found, you're able to 'clip' the blocks into each other by spinning them right before the block settles.

maalber 2 days ago

This is hilarious

  • revskill 2 days ago

    Genius you mean ?

    • lucianbr a day ago

      Well, it's quite cool, but if PDF supports javascript, putting a javascript game in a PDF is something obviously possible. I don't know if it qualifies as genius. If the game was made from PostScript commands somehow, that would be genius.

      Anyway, I love this content on Hacker news, as opposed to people explaining how they want Apple to take their freedom away, because freedom is dangerous.

      • swiftcoder a day ago

        > as opposed to people explaining how they want Apple to take their freedom away, because freedom is dangerous

        May I be the first to reply that I am glad that this works in neither Safari nor Preview.app :)

    • runnr_az 2 days ago

      Obviously a talented individual. Nice to see them wasting time making something ridiculous

      • freedomben a day ago

        I don't know how serious you are, but for others projects like this are virtually never a waste of time. There's opportunity cost of course, but that's very difficult to measure. I'm sure OP learned a ton about PDFs in the process, and there is/are no shortage of needs for PDF creation. More broadly they also deepened their knowledge of javascript and other things.

potatoman22 a day ago

This is a good reminder for why to not download random PDFs. One of the mechanisms of the Pegasus spyware was emulating a computer inside a PDF.

https://en.wikipedia.org/wiki/Pegasus_(spyware)#Vulnerabilit...

  • poincaredisk a day ago

    The vulnerability was in images parsing, and exploit was distributed by sending an imessage to the target. So don't open any images, and don't read imessages. They are also known to use browser exploits, so don't visit random websites.

    That was sarcasm, in case it's not clear over the internet. Telling people to avoid "suspicious" pdfs/websites is common but ultimately not very useful advice.

    The real takeaway is: don't become a target of a nation state intelligence agency. If you own a phone, they can take over it, and there's nothing you can do.

    • cess11 a day ago

      The Pegasus Project has shown that pretty much anyone could be targeted. It's enough to know someone in a publicly owned company or publicly say something negative about corruption or just be in the wrong place at the wrong time.

      Nothing you do will guarantee that the state won't come after you.

  • geor9e a day ago

    A tetris PDF could be in a 1 pixel iframe right on this page and you'd never know it. So it doesn't require any user action to download one.

    • sexy_seedbox a day ago

      That's why you run NoScript along side with UBO

      • geor9e a day ago
        2 more

        I'm pretty sure noscript will break 90% of the webpages I visit. I just rawdog the internet. If Chrome gets 0day'd then a lot of us are going down - at least I'll have company.

        • throwaway2037 a day ago 

              > If Chrome gets 0day'd then a lot of us are going down
          If anything, Google would have the correct incentive to protect itself from a zero-day exploit. I guess they could release a patched version internally only, but I doubt it. I do think they want the image of Chrome to be relatively positive and giant security hole (patched slowed) would do them no favours.
theginger a day ago

I hope to see this evolved into doom by the end of the year. And it better not be just monochrome

jeffhuys 18 hours ago

I actually am kind-of happy that this doesn't work on Mac (if you don't install Acrobat) / preview.

shekywakey 15 hours ago

Will you call it the "Thomas Engine" that powers simple GUI games on PDF?

freedomben a day ago

A few questions if you're willing:

1. What led you to want to do this project?

2. Have you worked with PDFs before? Do you work with PDFs as part of your day job?

3. Have you implemented Tetris before or is this your first time?

4. How long did it take you?

ilvez a day ago

I'm probably lucky that Sumatra is showing them as static documents.

Shinchy 19 hours ago

That's truly amazing! I knew you could do a lot with PDF but that not to this extent.

riffraff a day ago

could you use checkboxes for display? I'm no sure if you can style them, but I think you can access them in JS, and that should result in having basic "pixels" which you can use to draw anything.

  • brumar a day ago

    I made a game of life in pdf using this technique, but pdf.js is less open to chromium to respect the standard on letting the pdf designer defining the ON and OFF state.

    One other way would be to use normal text fields and leveraging custom fonts. I think there are an enormous potential with fonts in the realm of pdf hacking. I think there is also a story of past vuln on pdf.js because fonts were evaluated outside the sandbox.

  • pbhjpbhj a day ago

    That sounds like something CodeBullet mighty have done!?

thih9 a day ago

Would this work on a simple (non-android) eink reader, like a kindle?

brumar a day ago

I was considering doing exactly that ahah. We should connect to share our hacks and pains. One could project would be to run wasm4 games because, yes, pdfium and pdf.js can run webassembly.

rgmerk a day ago

This is Evil Genius level work. Congratulations!

Did you do the actual coding in Acrobat or is there a less painful way to write embedded JS in a PDF?

chimo777 20 hours ago

That's amazing! It goes beyond my understanding of PDFs.

GaggiX a day ago

Kinda happy that Evince doesn't start executing JS when opening a PDF.

alana314 2 days ago

Wow, I had no idea PDFs could be this dynamic. Doesn't work in Mac OS preview or quicklook but works great in chrome.

  • danudey a day ago

    The Canadian passport application PDF has Javascript that updates a QR code in the top-right corner of the first page whenever you change or fill in a field.

    https://www.canada.ca/content/dam/ircc/migration/ircc/englis...

    Seems like a pretty genius way of avoiding transcription errors. When I dropped my passport application off yesterday the passport officer marked up a few things on the PDF and then scanned it in, so I assume that they use the QR code to automatically fill in the data as I entered it and then make any updates necessary from after-the-fact modifications manually.

    Only seemed to work correctly in Acrobat Reader, but I haven't tried others (like Foxit) or anything.

    • audiodude a day ago

      Yes, elsewhere in this thread people were complaining about how Canadian government PDFs only work in Acrobat Reader on Windows and what a PITA that is.

_bydex a day ago

I dont have a kindle to test, but i wonder if this works on a kindle

  • wizzwizz4 12 hours ago

    Almost certainly not. Kindle's native format is MOBI, not PDF.

casey2 a day ago

I believe there is a bug with the T block, I think I managed to overlap some blocks

luismedel a day ago

Awesome.

I don't do security stuff anymore but I feel chills when I see (great) things like this,

amytimed 2 days ago

This is awesome! I think you should add the explanation of how it works in the PDF itself as well

abdibrokhim a day ago

Warning: Error during font loading: Font "HeBo" is not available.

nejsjsjsbsb a day ago

PDFs, Regexes and Typescript Compiler make great runtimes!

miningape a day ago

I just wish I could print this

0xKelsey a day ago

That's both awesome and terrifying security-wise.

_joel a day ago

So does that mean we can transpile PDFs to webassembly now?

purpleidea a day ago

Neat! Sadly doesn't work in Evince.

izakfr a day ago

This is really awesome, great job!

billiam a day ago

and this is why I can't read HN at work anymore........

I have increasing confidence that when AIs finally destroy the Internet the delivery vehicle will be the file format that was created, as the Internet itself was, as a form of digital paper.

Uptrenda 19 hours ago

Well OP, you have definitely made me reconsider my assumptions about PDFium. I had assumed that JS didn't work altogether in Chrome. But clearly there's just bugs in the code I wrote. You've inspired me to have another crack at solving it. But definitely when the time is right. It's going to be a lot of hair pulling, I can see that now.

I'm not sure what your process was for testing your scripts: but for me because there was no meaningful error output I had to incrementally build up my script line by line (which took forever.) So I thought I'd done well when I got my stuff working in Adobe + Firefox. I wonder if now everyone is going to add similar scripts to their resumes :p Doom will be next, maybe?

swyx 9 hours ago

... why exactly do PDF engines have to run javascript? wtf?

Uptrenda a day ago

OP, I still don't really understand how you got it to work in Chrome?

darkce 17 hours ago

so good

pmarreck a day ago

this is a horrible idea.

which is why i am commenting to check it out later.

since postscript is also a language that it literally runs to render, would it also be possible to use postscript to make interactive elements?

weddingbell a day ago

I printed the PDF on A4 paper, but Tetris doesn't work! lol

jiveturkey a day ago

didn't work in safari's embedded reader. no text either, just a blank page. or did i not wait long enough?

  • saagarjha 21 hours ago

    Doesn’t support JavaScript.

Thoreandan a day ago

Related: Ange Albertini, the creator of the .PDF/.ZIP/ELF reference diagrams (github/corkami) has started posting overview videos on his YT channel (@corkami-albertini) including creating .PDF+.PNG+.ZIP chimera files.

The .PDF basics vid was the first in the series: https://www.youtube.com/watch?v=q6KgFezu8tw

mati365 2 days ago

So it's possible to port C compiler to PDF. Compiler is already done https://github.com/Mati365/ts-c-compiler. We can run DOS in PDF basically..

  • lxgr a day ago

    That's how it inevitably goes with Turing completeness :)

    The real achievement here arguably isn't running code (that's provided by the PDF spec and implementations), but managing to hook it up to user input/output in an ergonomic-enough way to play Tetris.

    • segasaturn a day ago

      The mention of Turing Completeness got me curious, so I looked something up. Behold, a C compiler written in Lambda Calculus: https://github.com/woodrush/lambda-8cc

      • lxgr a day ago

        Amazing, thank you!

        The PDF [1] containing the Lambda calculus term manages to hang/glitch/crash both Firefox's and macOS Preview's PDF renderer, which in itself is quite the achievement in portability.

        Update: Nevermind, Firefox handles it perfectly, it just (probably wisely) disables seamless scrolling and I have to use the "next/previous" page buttons manually. macOS got there after a minute or two of loading with no UI indications.

        [1] https://woodrush.github.io/lambda-8cc.pdf

  • bowmessage 2 days ago

    Adobe Acrobat DOOM Pro™

    • mati365 a day ago

      What about running Adobe Acrobat in Adobe Acrobat?

      • andrea76 a day ago
        4 more

        Can we run Windows 3.1 in protected mode from a PDF?

        • mati365 a day ago

          Imho, it's possible. Generally speaking, it depends if PDF can render any sort of canvas.

        • danudey a day ago
          2 more

          Can we compile qemu to a PDF?

          • _joel a day ago

            It's PDFs all the way down.

  • openrisk a day ago

    But will it also compile when printed out on paper?

  • ohnoAmsorry a day ago

    [flagged]

    • mati365 a day ago

      These 'tricks' are exactly what makes programming the passion I love. Thanks for capturing the difference between coding for joy and coding for a paycheck so succinctly. Also, it's not a wrapper—it's a full parser and compiler.

    • drdeca a day ago

      Huh? Did you comment this in reply to something other than what you intended to reply to?

Fernicia 2 days ago

Back in school pdfs would circulate that had a bunch of flash games on them. I have no idea how or who made them, but they let us play dolphin olympics on lab computers with no internet connection.

  • doublerabbit a day ago

    Excel for games and PowerPoint for stick animations. You'd spend hours in CAD class just creating PowerPoint animations and not doing any CAD.

    I regret this decision now and wish that I had paid some attention. 3D printers are cool and I have no idea how to design objects for it.

    • phkahler a day ago

      >> I do wish I did pay some attention to CAD now. I want a 3D printer and have no idea how to design objects for it.

      Get Solvespace: https://solvespace.com/index.pl

      Do the tutorials. If/when you outgrow it, the concepts will carry over to FreeCAD which otherwise has a steeper learning curve but has more capabilities.

      • smj-edison a day ago

        An aside, but I found FreeCAD to be a real pain. The dependency tracking across sketches is really quite horrid. If I have sketch2 linked to sketch1, and I delete a line in sketch1, it will arbitrarily reassign all the sketch2->sketch1 dependencies. Maybe they fixed that since I've used it, but I've transferred over to Onshape for all my hobby stuff...

        EDIT: looks like they finally addressed the topological naming problem, I guess I better give it a second chance!

  • pbhjpbhj a day ago

    I'm not sure, but I think it may have been that Adobe Viewer (or whatever it was) could run Flash?

    • Someone a day ago

      Maybe, but PDF can contain Flash Applets, too.

      However, modern version of Acrobat Reader do not support that anymore. https://helpx.adobe.com/acrobat/kb/flash-format-support-in-p...:

      “Flash Player end-of-life (EOL) impacts playback and authoring of rich media having Flash content (.flv and .swf) in PDFs:

      • Playback of Flash media (.flv and .swf) content in existing PDFs will not be supported.”

cool-RR 2 days ago

I printed it but it doesn't work :(

ustad 20 hours ago

That reminded to disable javascript in pdfjs that is used in firefox.

Feel much safer!

  • aoeb 20 hours ago

    Open about:config

    Search for "pdfjs.enableScripting"

    Set to false.

    • phforms 19 hours ago

      Apparently, it is set to false by default in Zen Browser. In my Firefox it was still true.

  • aceazzameen 13 hours ago

    Whew! I didn't realize it was enabled already.

  • vasco 19 hours ago

    So you also disable it for normal browsing?

meddah 2 days ago

Oops. I realized now, unknown PDFs are not safe.