No More Buckeroo

To be fair, this is a rehash of Just Say No to Nozzles, but it’s worth rehashing.

A recent conversation went like this:

  • We’ve managed to make the HTML render correctly
  • Next we need to pass it to the converter to make it PDF
  • But how can we allow the converter to get around the security layer of the website?
  • We could maybe add a different authentication route?
  • Or maybe leave this page unauthenticated, but have a token to validate the request, so it’s blank unless you’re the server who knows how to create that token

Question – do we need the HTML?
Answer – actually yes – it allows us to make dynamic PDFs more easily than writing straight to the doc

Question – are we generating HTML in a good way?
Answer – again yes – Thymeleaf is doing a great job and we’re using it elsewhere in the system

Question – who else looks at this page in a browser?
Answer – nobody

Then we need to find the shortest route from the HTML generate to the PDF converter, and there’s no reason HTTP should be involved, so we don’t need authentication or any of that.

Solution – find a way to get the HTML rendered outside of a web request, and pass it direct to the converter.

So, rather than add more until it works, we reverse until we run out of things we can remove/replace, and then we move forward from there to the simplest solution.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s