> I'd think opening a PDF in your browser would be at the same risk-level you associate with going to any random URL.
Probably pdf.js is more secure, as it is more modern than the HTML/js engine, it contains less legacy code, it is written in a higher level language, and they could implement a safer subset of the pdf standard, than they could do with the HTML/js standards.
Probably pdf.js is more secure, as it is more modern than the HTML/js engine, it contains less legacy code, it is written in a higher level language, and they could implement a safer subset of the pdf standard, than they could do with the HTML/js standards.