Hi,

The front-end generates a base64-encoded image of a graph and sends it to the backend to use it with pdfbox to create a pdf file. Are there any security concerns, in particular with this line: "BufferedImage bufImg = ImageIO.read(new ByteArrayInputStream(imageByte));"?

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Path("/pdfbox")
public void getChartsPdf(String base64ImageData) throws IOException {
    PDDocument doc = null;
    byte[] imageByte;
    String base64Image = base64ImageData.split(",")[1];
    BASE64Decoder decoder = new BASE64Decoder();
    imageByte = decoder.decodeBuffer(base64Image);
    try {
        doc = new PDDocument();
        PDPage page = new PDPage();
        doc.addPage(page);
        PDFont font = PDType1Font.HELVETICA_BOLD;
        PDPageContentStream contentStream = new PDPageContentStream(doc, page);
        BufferedImage bufImg = ImageIO.read(new ByteArrayInputStream(imageByte));
        PDXObjectImage ximage = new PDPixelMap(doc, bufImg);
        contentStream.beginText();
        contentStream.setFont(font, 12);
        contentStream.moveTextPositionByAmount(50, 700);
        contentStream.drawString("Timeline");
        contentStream.endText();
        contentStream.drawXObject(ximage, 20, 500, ximage.getWidth() / 2, ximage.getHeight() / 2);
        contentStream.close();
        doc.save("testCharts.pdf");
    } catch (Exception e) {
        System.err.println(e.getMessage());
    } finally {
        if (doc != null) {
            doc.close();
        }
    }
}

Regards,
Timo
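
A bounded decode step for the `ImageIO.read` line asked about above, added here as an example; it is not part of the original post and not PDFBox code. The class name `ChartImageDecoder`, the PNG-only policy and the size limits are assumptions about what the front-end sends.

```java
import java.awt.image.BufferedImage;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.util.Base64;
import java.util.Iterator;
import javax.imageio.ImageIO;
import javax.imageio.ImageReader;
import javax.imageio.stream.ImageInputStream;

public final class ChartImageDecoder {
    // Assumed limits for a chart image; tune them to the real front-end output.
    private static final String PREFIX = "data:image/png;base64,";
    private static final int MAX_BASE64_CHARS = 4 * 1024 * 1024;
    private static final int MAX_DIM = 4096; // pixels, per side

    public static BufferedImage decode(String dataUri) throws IOException {
        // Cap the request size and require the expected data-URI prefix.
        if (dataUri == null || !dataUri.startsWith(PREFIX)
                || dataUri.length() > PREFIX.length() + MAX_BASE64_CHARS) {
            throw new IOException("not an acceptable PNG data URI");
        }
        byte[] bytes;
        try {
            bytes = Base64.getDecoder().decode(dataUri.substring(PREFIX.length()));
        } catch (IllegalArgumentException e) {
            throw new IOException("invalid base64 payload", e);
        }
        try (ImageInputStream in = ImageIO.createImageInputStream(new ByteArrayInputStream(bytes))) {
            Iterator<ImageReader> readers = ImageIO.getImageReaders(in);
            if (!readers.hasNext()) {
                throw new IOException("unrecognised image format");
            }
            ImageReader reader = readers.next();
            try {
                reader.setInput(in, true, true);
                // Decide by sniffed content, not by the client-declared MIME type.
                if (!"png".equalsIgnoreCase(reader.getFormatName())) {
                    throw new IOException("only PNG is accepted");
                }
                // Header-only reads: checked before any pixel buffer is allocated.
                int w = reader.getWidth(0), h = reader.getHeight(0);
                if (w <= 0 || h <= 0 || w > MAX_DIM || h > MAX_DIM) {
                    throw new IOException("image dimensions out of range");
                }
                return reader.read(0);
            } finally {
                reader.dispose();
            }
        }
    }
}
```

Checking the dimensions from the header before `reader.read(0)` keeps a small compressed upload from forcing a very large pixel-buffer allocation, and pinning the format limits which ImageIO plugins ever parse client-supplied bytes.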