Product
Introducing Module Reachability: Focus on the Vulnerabilities That Matter
Module Reachability filters out unreachable CVEs so you can focus on vulnerabilities that actually matter to your application.
By Trevor Norris - Apr 23, 2025
🚀 Socket Launch Week 🚀 Day 2: Introducing Repository Labels and Security Policies.Learn More →
node-qpdf
A very simple wrapper for qpdf which is a content-preserving transformations on PDF files. It includes encrypting and decrypting PDF with AES 256, AES 128, RC4 (128 & 40) encryption algorithms.
Dependencies
Installation
- Install qpdf:
- Download qpdf
- Read qpdf manual for installation instructions.
- Install node-qpdf:
npm install node-qpdf
Encryption
You can encrypt your PDF by following:
var qpdf = require('node-qpdf');
var options = {
keyLength: 128,
password: 'YOUR_PASSWORD_TO_ENCRYPT'
}
qpdf.encrypt(localFilePath, options);
Options for Encryption
The following are required options
keyLength:- a number which defines the encryption algorithm to be used. Values can be 40, 128 and 256 only.password:- a string containing the secret password which will be further used to unlock the PDF.
You might want to set other options for each encryption algorithm inside restrictions: JSON according to the keyLength you choose :-
Key Length: 40
| Option | Value | Description |
|---|---|---|
print: | 'y', 'n' | Determines whether or not to allow printing. |
modify: | 'y', 'n' | Determines whether or not to allow document modification. |
extract: | 'y', 'n' | Determines whether or not to allow text/image extraction. |
annotate: | 'y', 'n' | Determines whether or not to allow comments and form fill-in and signing. |
Key Length: 128
| Option | Value | Description |
|---|---|---|
print: | 'full', 'low', 'none' | full: allow full printing. low: allow low-resolution printing only. none: disallow printing. |
modify: | 'all', 'annotate', 'form', 'assembly', 'none' | all: allow full document modification. annotate: allow comment authoring and form operations. form: allow form field fill-in and signing. assembly: allow document assembly only. none: allow no modifications. |
extract: | 'y', 'n' | Determines whether or not to allow text/image extraction. |
useAes: | 'y', 'n' | AES encryption will be used instead of RC4 encryption. |
accessibility: | 'y', 'n' | Determines whether or not to allow accessibility to visually impaired. |
Key Length: 256
| Option | Value | Description |
|---|---|---|
print: | 'full', 'low', 'none' | full: allow full printing. low: allow low-resolution printing only. none: disallow printing. |
modify: | 'all', 'annotate', 'form', 'assembly', 'none' | all: allow full document modification. annotate: allow comment authoring and form operations. form: allow form field fill-in and signing. assembly: allow document assembly only. none: allow no modifications. |
extract: | 'y', 'n' | Determines whether or not to allow text/image extraction. |
accessibility: | 'y', 'n' | Determines whether or not to allow accessibility to visually impaired. |
Examples
Render and Save:
var qpdf = require('node-qpdf');
var options = {
keyLength: 128,
password: 'YOUR_PASSWORD_TO_ENCRYPT',
restrictions: {
print: 'low',
useAes: 'y'
}
}
qpdf.encrypt(localFilePath, options, outputFilePath);
Render and Stream:
var qpdf = require('node-qpdf');
var options = {
keyLength: 256,
password: 'YOUR_PASSWORD_TO_ENCRYPT',
restrictions: {
modify: 'none',
extract: 'n'
}
}
var doc = qpdf.encrypt(localFilePath, options, outputFilePath);
doc.stdout.pipe(res);
res.writeHead(200, {
'Content-Type': 'application/pdf',
'Access-Control-Allow-Origin': '*',
'Content-Disposition': 'inline; filename=order.pdf'
});
Decryption
You can decrypt your PDF by following:
var qpdf = require('node-qpdf');
qpdf.decrypt(localFilePath, 'YOUR_PASSWORD_TO_DECRYPT_PDF');
Examples
Render and Save:
var qpdf = require('node-qpdf');
qpdf.decrypt(localFilePath, 'YOUR_PASSWORD_TO_DECRYPT_PDF', outputFilePath);
Render and Stream:
var qpdf = require('node-qpdf');
var doc = qpdf.decrypt(localFilePath, 'YOUR_PASSWORD_TO_DECRYPT_PDF', outputFilePath);
doc.stdout.pipe(res);
res.writeHead(200, {
'Content-Type': 'application/pdf',
'Access-Control-Allow-Origin': '*',
'Content-Disposition': 'inline; filename=order.pdf'
});
Meta
Maintained by Nishit Hirani
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/nrhirani/node-qpdf.
License
The npm package is available as open source under the terms of the MIT License.
FAQs
A Content Preserving transformations on PDFs wrapped around QPDF
The npm package node-qpdf receives a total of 2,872 weekly downloads. As such, node-qpdf popularity was classified as popular.
We found that node-qpdf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Jan 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Repository Labels and Security Policies
Socket is introducing a new way to organize repositories and apply repository-specific security policies.
By Nolan Lawson - Apr 22, 2025
Research
Security News
The Bad Seeds: Malicious npm and PyPI Packages Pose as Developer Tools to Steal Wallet Credentials
Socket researchers uncovered malicious npm and PyPI packages that steal crypto wallet credentials using Google Analytics and Telegram for exfiltration.
By Kirill Boychenko - Apr 22, 2025