Remote templates

A remote template fetches its output from another HTTP service instead of rendering HTML locally. It is defined by a single template.http.hbs file: a Handlebars template that renders a raw HTTP request. PDF Server executes that request and returns the response body (typically a PDF) as the result.

remote-invoice/
  template.http.hbs
  schema.json
  examples/
    minimal.json
{{! template.http.hbs — renders a raw HTTP request }}
GET {{documentUrl}} HTTP/1.1
Host: {{host}}
Accept: application/pdf

The rendered request is parsed and executed; a non-2xx response (status > 299) is an error. The most common use is inside a composition to stitch a remotely-produced PDF together with locally-rendered pages (see the remote-merge example in the Gallery).

Security — read this before using request data in the URL

The request text is rendered from template data. If any part of the URL, host, or headers comes from untrusted request data, this becomes a Server-Side Request Forgery vector: a caller could make your server fetch internal endpoints (for example a cloud metadata service), and newline characters in a value can inject additional headers.

Safe usage:

  • Only build remote requests from trusted data (fixed hosts, internal configuration), never from end-user input.
  • Prefer pinning the scheme and host in the template and passing only an opaque identifier as data.
  • Deploy with an egress network policy that blocks private/link-local ranges.

See Security model and Proved security issues for the full analysis and mitigations.