pdfbox-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Timo Vander Schuit <timo.vander.sch...@globalrelay.net>
Subject Safe to take base64 image from client?
Date Mon, 29 May 2017 17:29:10 GMT
Hi,

The front-end generates a base64 encoded image of a graph and send it to the backend to use
it with pdfbox to create a pdf file.
Are there any security concerns with this?

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Path("/pdfbox")
public void getChartsPdf(String base64ImageData) throws IOException{

    PDDocument doc = null;
    byte[] imageByte;
    String base64Image = base64ImageData.split(",")[1];
    BASE64Decoder decoder = new BASE64Decoder();
    imageByte = decoder.decodeBuffer(base64Image);
    try {
        doc = new PDDocument();
        PDPage page = new PDPage();
        doc.addPage(page);
        PDFont font = PDType1Font.HELVETICA_BOLD;
        PDPageContentStream contentStream = new PDPageContentStream(doc, page);

        BufferedImage bufImg = ImageIO.read(new ByteArrayInputStream(imageByte));
        PDXObjectImage ximage = new PDPixelMap(doc, bufImg);

        contentStream.beginText();
        contentStream.setFont( font, 12 );
        contentStream.moveTextPositionByAmount( 50, 700 );
        contentStream.drawString("Timeline");
        contentStream.endText();
        contentStream.drawXObject(ximage, 20, 500, ximage.getWidth()/2, ximage.getHeight()/2);
        contentStream.close();
        doc.save("testCharts.pdf");
    } catch (Exception e) {
        System.err.println(e.getMessage());
    } finally {
        if (doc != null) {
            doc.close();
        }
    }
}

Regards,

Timo

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message