| ▲ | bigbones 13 hours ago | |||||||
It sounds like you might know the answer to this. Would it be straightforward to use this for sandboxed headless file conversion? You can do that already with LibreOffice, but it's a monster amount of unsafe code that's difficult to containerize securely | ||||||||
| ▲ | thorstenb 12 hours ago | parent | next [-] | |||||||
Indeed can be done, proof of concept shown in this talk: https://www.youtube.com/watch?v=X8LwaDjcr7M Regarding sandboxing - everything WebAssembly is heavily sandboxed already, and requires cross-origin isolation in the browser, so we can use SharedArrayBuffers. So that's likely no worse than running LibreOffice containerized on a server. | ||||||||
| ||||||||
| ▲ | e1g 9 hours ago | parent | prev [-] | |||||||
I just containerized LibreOffice to do docx->pdf conversation, but now I'm wondering - what parts seem particularly gnarly to you? My naive strategy is to mount an external volume to put/collect files, then call `soffice` inside the container to process them. We generate all source docx files so I'm not worried about an injection from that angle. | ||||||||