View Revisions: Issue #1077

Summary 0001077: Set strict defaults for Web Print PDF validation
Revision 2019-10-07 15:42 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename (add) configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(5) -                                   print-in.pdf.clean             Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, a repair is executed. If repair fails, upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.
(5) PDF is cleaned by executing pdftocairo command. Reason: pdf2ps executed by CUPS/Ghostscript might result in missing text and annotations.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" and overall cleaning effect of the "pdftocairo" repair did secure the rendering in those cases where the pdf2ps of CUPS/Ghostscript did not. PDF cleaning is now default enforced with "print-in.pdf.clean" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.

SOLL-3: Show PDF print-in statistics (valid, repaired, rejected) on Admin Web App Dashboard
Revision 2019-09-30 21:07 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename (add) configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(5) -                                   print-in.pdf.clean             Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, a repair is executed. If repair fails, upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.
(5) PDF is cleaned by executing pdftocairo command. Reason: pdf2ps executed by CUPS/Ghostscript might result in missing text and annotations.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" and overall cleaning effect of the "pdftocairo" repair did secure the rendering in those cases where the pdf2ps of CUPS/Ghostscript did not. PDF cleaning is now default enforced with "print-in.pdf.clean" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-30 20:50 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(5) -                                   print-in.pdf.clean             Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, a repair is executed. If repair fails, upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.
(5) PDF is cleaned by executing pdftocairo command. Reason: pdf2ps executed by CUPS/Ghostscript might result in missing text and annotations.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" and overall cleaning effect of the "pdftocairo" repair did secure the rendering in those cases where the pdf2ps of CUPS/Ghostscript did not. PDF cleaning is now default enforced with "print-in.pdf.clean" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-30 20:48 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(5) -                                   print-in.pdf.clean             Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, a repair is executed. If repair fails, upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.
(5) PDF is cleaned by executing pdftocairo command. Reason: pdf2ps executed by CUPS/Ghostscript might result in missing text and annotations.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-30 20:48 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      N
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(5) -                                   print-in.pdf.clean             Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, a repair is executed. If repair fails, upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.
(5) PDF is cleaned by executing pdftocairo command. Reason: pdf2ps executed by CUPS/Ghostscript might result in missing text and annotations.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-02 22:14 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      N
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) Optional: PDF font syntax is verified. If font errors are encountered, the upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-02 16:24 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL-1: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, the upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.

SOLL-2: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print. Config item is removed from Admin Web App > Options > Proxy Print.
Revision 2019-09-02 12:41 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y
(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, the upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.

Note: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print.
Revision 2019-09-02 12:41 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y

(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, the upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.

Note: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print.
Revision 2019-09-02 12:41 by rijkr
Description IST: At Web Print of PDF documents, the origin/producer of the document is not unequivocal as with a driver print (with inherent ps2pdf operation). As a result, there is a real chance that invalid PDF documents will end up in SavaPage for which rendering is inconsistent, resulting in a distorted print result. Current configuration properties can be used to reject invalid PDF documents, but default values ​​are not strict enough.
SOLL: Rename configuration properties to enforce strict defaults with Web Print of PDF documents.
Ref Old                                 New                         Default
--- -------------------------------     -----------------------------------
(1) print-in.repair.pdf.enable          print-in.pdf.invalid.repair    Y
(2) print-in.allow-encrypted-pdf        print-in.pdf.encrypted.allow   Y
(3) print-in.validate.pdf.fonts.enable  print-in.pdf.fonts.verify      Y
(4) print-in.pdf.embedfont.enable       print-in.pdf.fonts.embed       Y

(1) Uploaded PDF document is read to check validity. If PDF is invalid, repair is executed. If repair fails, upload is rejected.
(2) If PDF is encrypted, it is decrypted.
(3) PDF font syntax is verified. If font errors are encountered, the upload is rejected.
(4) If non-embedded/non-standard PDF fonts are detected, they are ad-hoc embedded (with best-fit fonts available on the system). Reason: for some PDF documents it has been observed that font embedding by CUPS/Ghostscript resulted in missing text.

Note: "proxy-print.repair.enable" is deprecated and will eventually be removed. This setting was intended as safety net to trigger a repair action just before a proxy print. Looking back, the "font embedding" side effect of the "pdftocairo" repair did secure the rendering in those cases where the font embedding of CUPS/Ghostscript did not. Font embedding is now default enforced with "print-in.pdf.fonts.embed" immediately after the Web Print.