When you generate a PDF using HTML or CFML, you have to ensure that XSS vulnerabilities cannot be exploited. Hence, you must take relevant measures to protect your system against such vulnerabilities. Also, note that ColdFusion provides encoding functions for XSS protection. See the following functions:
Category
Data output tags
History
ColdFusion (2016 release) Update 3 - Added the attribute language.
See Also
Syntax
encryption = "AES_128|RC4_40|RC4_128|RC4_128M|None"
source = "URL|pathname absolute or relative to web root"
destination = "filename"
language="language name"
marginBottom = "number"
marginLeft = "number"
marginRight = "number"
marginTop = "number"
name = "output variable name"
orientation = "portrait|landscape"
overwrite = "yes|no"
ownerPassword = "password"
pageHeight = "page height in inches(default)"
pageType = "page type"
pageWidth = "page width in inches(default)"
permissions = "permission list"
saveAsName = "PDF filename"
unit = "in|cm"
userPassword = "password"
HTML and CFML code
Attributes
Attribute
Req/Opt
Default
Description
encryption
Optional
none
AES_128
RC4_40
RC4_128
RC4_128M
None
source
Required
URL of the source HTML document. In ColdFusion 11, an HTTP URL auto-redirects to an HTTPS URL. In ColdFusion 2016, enter the HTTPS URL manually as there will be no auto-redirects from HTTP to HTTPS.
destination
Optional
Pathname of a file to contain the PDF output. If you omit the destination attribute, ColdFusion displays the output in the browser.
language
Optional
English
Document language.
marginBottom
Optional
Bottom margin in inches (default) or centimeters. To specify the bottom margin in centimeters, include the unit=cm attribute.
marginLeft
Optional
Left margin in inches (default) or centimeters. To specify the left margin in centimeters, include the unit=cm attribute.
marginRight
Optional
Right margin in inches (default) or centimeters. To specify the right margin in centimeters, include the unit=cm attribute.
marginTop
Optional
Top margin in inches (default) or centimeters. To specify the top margin in centimeters, include the unit=cm attribute.
name
Optional
Name of an existing variable into which the tag stores the PDF.
orientation
Optional
portrait
Page orientation:
portrait
landscape
overwrite
Optional
no
Specifies whether ColdFusion overwrites an existing file. Used in conjunction with the destination attribute.
ownerPassword
Optional
Specifies the owner password. Cannot be same as userPassword.
pageHeight
Optional
Page height in inches (default) or centimeters. This attribute is only valid if pagetype=custom. To specify page height in centimeters, include the unit=cm attribute.
pageType
Optional
letter
Page type into which ColdFusion generates the report:
legal: 8.5 inches x 14 inches.
letter: 8.5 inches x 11 inches.
A4: 8.27 inches x 11.69 inches.
A5: 5.81 inches x 8.25 inches.
B4: 9.88 inches x 13.88 inches.
B5: 7 inches x 9.88 inches.
B4-JIS: 10.13 inches x 14.31 inches.
B5-JIS: 7.19 inches x 10.13 inches.
custom: custom height and width.
If you specify custom , also specify the pageHeight and pageWidth attributes, can optionally specify margin attributes and whether the units are inches or centimeters.
pageWidth
Optional
Page width in inches (default) or centimeters. This attribute is only valid if pageType=custom. To specify page width in centimeters, include the unit=cm attribute.
permissions
Optional
(format="PDF" only) Sets one or more of the following permissions:
AllowPrinting
AllowModifyContents
AllowCopy
AllowModifyAnnotations
AllowFillIn
AllowScreenReaders
AllowAssembly
AllowDegradedPrinting
AllowSecure
All
None
Separate multiple permissions with commas.
saveAsName
Optional
The filename that appears in the SaveAs dialog when a user saves a PDF file written to the browser.
unit
Optional
in
Default unit for the pageHeight, pageWidth, and margin attributes:
in: inches.
cm: centimeters.
userPassword
Optional
Specifies a user password. Cannot be same as ownerPassword.
Note: is added to support adding header/footer/pagebreak in the generated PDF. See The new tag.
Limitation:If you use cfhtmltopdf to convert an HTML page, that contains a form, to PDF, the resultant PDF will not contain the form fields. This is a limitation of the PDFg service, if PDFg is configured to run as a service. If you run PDFg from the command line, then the form fields will work as expected.
Examples
3853
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
