Prince can be used server-side to produce PDFs, invoked by a wrapper script. Somce care needs to be used in the configuration to make it reliable and secure.
When you control the input, Prince produces the expected output. But when you have no control on the input, as happens when running Prince on a server, it might be important to harden the installation in order to reduce a possible surface of vulnerability. Prince offers some options to aid the configuration, while other possibilities depend on the environment configuration on the server.
It might be a good precaution to run Prince with the command-line option
--no-local-files
in order to exclude any unwanted access to the local
file system. It is also a good idea not to enable --xml-external-entities
or --xinclude
.
A more comprehensive hardening practice is to run Prince in a chroot/jail/vms/container. Prince needs access to several libaries it depends on, as well as fonts and SSL certificates.
When running multiple instances of Prince, it might be advisable to disable
parallel rasterisation with the command-line option --raster-threads=1
to improve throughput. Setting GC_MARKERS=1
in the environment will
do the same for garbage collection threads.
Since different server configurations make use of different scripting languages, wrappers in those languages are necessary to invoke Prince. Wrappers for several of the most widely used scripting languages are available for download on the Wrappers Download Page.
For details on the usage of each of the wrappers, please consult the following pages:
Prince can also be called from the command-line with the Advanced Command Line Options, which can be useful when understanding the calls Prince can be controlled with, and the output it produces, in order to write your own wrapper.
There are also third-party wrappers available for download on external sites. Please note that YesLogic does not take any responsibilities for third-party wrappers offered for download on these external locations.