BunnyConvert: Engineering a Zero-Server Browser-Based PDF Suite for Privacy
These articles are AI-generated summaries. Please check the original sources for full details.
I Built a Browser-Based PDF Converter to Stop Uploading Sensitive Files to Random Sites
Developer Bunnyconvert created BunnyConvert to eliminate the security risks associated with uploading sensitive documents to third-party PDF processing servers. The system provides 24 specialized tools that execute entirely within the user’s browser using client-side JavaScript.
Why This Matters
Traditional PDF utilities often operate as ‘black boxes’ where files are uploaded to remote servers, creating significant privacy risks and potential data breaches for sensitive contracts. By leveraging client-side libraries to perform complex manipulations like HEIC decoding and PDF merging locally, BunnyConvert demonstrates a shift toward zero-trust architecture in web-based document processing, where the technical reality of zero outbound file requests matches the ideal privacy model.
Key Insights
- Client-side PDF manipulation is achieved using pdf-lib (2026) for merging, splitting, and compressing files without external server calls.
- Localized character support requires embedding custom TTF files because pdf-lib StandardFonts do not natively support Turkish characters.
- HEIC image decoding is handled in the browser via heic2any, enabling conversion to PDF without backend image processing.
- The application utilizes Capacitor as a wrapper to deploy a Vanilla JavaScript frontend to Android and iOS environments.
- Document rendering for preview and interaction is managed by pdf.js, allowing for DocuSign-like signature placement using mouse and touch events.
Practical Applications
- Use case: Legal and HR departments can use BunnyConvert to sign and merge sensitive contracts locally to ensure data never leaves the workstation. Pitfall: Browser-based processing may face memory constraints when handling exceptionally large files that would typically require server-side streaming.
- Use case: Developers can audit network activity via DevTools to verify that zero file data is transmitted to external endpoints. Pitfall: Implementing ad-based monetization on mobile wrappers faces significant delays, such as AdMob’s 2-4 week production approval cycles.
References:
Continue reading
Next article
AI Coding Agents: A Week of Real-World Engineering Data
Related Content
Building Privacy-First PDF and Image Tools via Browser-Native Processing
Swathik is launching pdfandimagetools.com, a platform using WebAssembly and ONNX Runtime to process sensitive documents locally without server uploads.
DevsTools.app Launches 25+ Client-Side Development Tools
DevsTools.app offers 25+ free, client-side development tools, ensuring zero data transmission for enhanced privacy.
Mizakii: A Privacy-First Suite of 70+ Free Developer Tools
Developer Ali Hassan launches Mizakii, a collection of 70+ browser-based tools designed to eliminate paywalls and data privacy concerns for common engineering tasks.