Guide: Securing access to HTML documents
Tips for securing access to your source HTML documents.
Paperplane needs to access your source web pages at a publicly accessible URL in order to fetch and convert the web page to a PDF document.
However, your source web pages may contain private or sensitive data. There are three recommended solutions to this problem - you can choose the option that best fits your circumstances.
Paperplane can request pages and other assets that use HTTP Basic Authentication to protect access. To use HTTP Basic Auth, set a
username
and optionally a password
parameter when creating a job.Another option is to create a secret key, append this as a query parameter to the URLs you send to Paperplane, and then only allow access if the secret key is correct.
If it's not convenient for you to set up HTTP Basic Auth, this is a good alternative method of securing access.
For example, a URL that provides a secret key parameter might look like this:
https://myexampleapp.com/invoices/12345?key=9bbfbbb1-dc29-42eb-bf06-86a95e2cd9da
Alternatively you can make the page available at a URL that includes an unguessable random string such as a UUID v4. UUID generators are available for all popular languages. This is similar to the schemes that services like Google Drive and Dropbox use to create secure shareable links.
For example, a URL that includes a random UUID might look like this:
https://myexampleapp.com/invoices/53304a6a-2bf4-4028-b8af-aeb7250b4e56