secure-html-to-pdf

    1.0.2 • Public • Published

    node-html-pdf

    This is a fork of the HTML to PDF module that uses phantomjs. Basically there is a set of well known 'Arbitrary File Read' issues that are patched in this version. It was forked from the 418 Secure Github, and will be used to publish to NPM registry.

    Why not use the Chrome web driver or puppeteer method to convert PDFs?

    Well, for me, my client uses the node-html-pdf module, so patching it and updating it made sense because then I could still use this code, use it in a bunch of places. Plus with Puppeteer, while you can use it on the server, there are lots of reported issues with it and it's performance.

    HTML to PDF converter that uses phantomjs

    image
    Example Business Card
    -> and its Source file

    Example Receipt

    Installation

    Install the html-pdf utility via npm:

    $ npm install -g html-pdf
    

    Command-line example

    $ html-pdf test/businesscard.html businesscard.pdf
    

    Code example

    var fs = require('fs');
    var pdf = require('html-pdf');
    var html = fs.readFileSync('./test/businesscard.html', 'utf8');
    var options = { format: 'Letter' };
    
    pdf.create(html, options).toFile('./businesscard.pdf', function(err, res) {
      if (err) return console.log(err);
      console.log(res); // { filename: '/app/businesscard.pdf' }
    });

    API

    var pdf = require('html-pdf');
    pdf.create(html).toFile([filepath, ]function(err, res){
      console.log(res.filename);
    });
    
    pdf.create(html).toStream(function(err, stream){
      stream.pipe(fs.createWriteStream('./foo.pdf'));
    });
    
    pdf.create(html).toBuffer(function(err, buffer){
      console.log('This is a buffer:', Buffer.isBuffer(buffer));
    });
    
    
    // for backwards compatibility
    // alias to pdf.create(html[, options]).toBuffer(callback)
    pdf.create(html [, options], function(err, buffer){});

    Footers and Headers

    html-pdf can read the header or footer either out of the footer and header config object or out of the html source. You can either set a default header & footer or overwrite that by appending a page number (1 based index) to the id="pageHeader" attribute of a html tag.

    You can use any combination of those tags. The library tries to find any element, that contains the pageHeader or pageFooter id prefix.

    <div id="pageHeader">Default header</div>
    <div id="pageHeader-first">Header on first page</div>
    <div id="pageHeader-2">Header on second page</div>
    <div id="pageHeader-3">Header on third page</div>
    <div id="pageHeader-last">Header on last page</div>
    ...
    <div id="pageFooter">Default footer</div>
    <div id="pageFooter-first">Footer on first page</div>
    <div id="pageFooter-2">Footer on second page</div>
    <div id="pageFooter-last">Footer on last page</div>

    Options

    config = {
    
      // Export options
      "directory": "/tmp",       // The directory the file gets written into if not using .toFile(filename, callback). default: '/tmp'
      
      "readLocalFile": false,     // Option to help specify if access to 'local files' is allowed or not (default *false* to avoid 'arbitrary file read')
    
      // Papersize Options: http://phantomjs.org/api/webpage/property/paper-size.html
      "height": "10.5in",        // allowed units: mm, cm, in, px
      "width": "8in",            // allowed units: mm, cm, in, px
      - or -
      "format": "Letter",        // allowed units: A3, A4, A5, Legal, Letter, Tabloid
      "orientation": "portrait", // portrait or landscape
    
      // Page options
      "border": "0",             // default is 0, units: mm, cm, in, px
      - or -
      "border": {
        "top": "2in",            // default is 0, units: mm, cm, in, px
        "right": "1in",
        "bottom": "2in",
        "left": "1.5in"
      },
    
      paginationOffset: 1,       // Override the initial pagination number
      "header": {
        "height": "45mm",
        "contents": '<div style="text-align: center;">Author: Marc Bachmann</div>'
      },
      "footer": {
        "height": "28mm",
        "contents": {
          first: 'Cover page',
          2: 'Second page', // Any page number is working. 1-based index
          default: '<span style="color: #444;">{{page}}</span>/<span>{{pages}}</span>', // fallback value
          last: 'Last Page'
        }
      },
    
    
      // Rendering options
      "base": "file:///home/www/your-asset-path", // Base path that's used to load files (images, css, js) when they aren't referenced using a host
    
      // Zooming option, can be used to scale images if `options.type` is not pdf
      "zoomFactor": "1", // default is 1
    
      // File options
      "type": "pdf",             // allowed file types: png, jpeg, pdf
      "quality": "75",           // only used for types png & jpeg
    
      // Script options
      "phantomPath": "./node_modules/phantomjs/bin/phantomjs", // PhantomJS binary which should get downloaded automatically
      "phantomArgs": [], // array of strings used as phantomjs args e.g. ["--ignore-ssl-errors=yes"]
      "script": '/url',           // Absolute path to a custom phantomjs script, use the file in lib/scripts as example
      "timeout": 30000,           // Timeout that will cancel phantomjs, in milliseconds
    
      // Time we should wait after window load
      // accepted values are 'manual', some delay in milliseconds or undefined to wait for a render event
      "renderDelay": 1000,
    
      // HTTP Headers that are used for requests
      "httpHeaders": {
        // e.g.
        "Authorization": "Bearer ACEFAD8C-4B4D-4042-AB30-6C735F5BAC8B"
      },
    
      // To run Node application as Windows service
      "childProcessOptions": {
        "detached": true
      }
    
      // HTTP Cookies that are used for requests
      "httpCookies": [
        // e.g.
        {
          "name": "Valid-Cookie-Name", // required
          "value": "Valid-Cookie-Value", // required
          "domain": "localhost",
          "path": "/foo", // required
          "httponly": true,
          "secure": false,
          "expires": (new Date()).getTime() + (1000 * 60 * 60) // e.g. expires in 1 hour
        }
      ]
    
    }

    The full options object gets converted to JSON and will get passed to the phantomjs script as third argument.
    There are more options concerning the paperSize, header & footer options inside the phantomjs script.

    Install

    npm i secure-html-to-pdf

    DownloadsWeekly Downloads

    4

    Version

    1.0.2

    License

    MIT

    Unpacked Size

    118 kB

    Total Files

    13

    Last publish

    Collaborators

    • avatar