Skip to content

Security: UK-Ravi/astrapdf

Security

SECURITY.md

SECURITY POLICY

ZERO-DATA RETENTION GUARANTEE

AstraPDF is built from the ground up as a Client-Side Only application.

What does this mean?

  1. No Servers: We do not maintain any backend servers for processing files.
  2. Local Processing: When you load a PDF into AstraPDF, it is loaded directly into your browser's local memory (RAM).
  3. Total Isolation: Your files are never uploaded, transmitted, or stored on the internet.

Because of this architecture, AstraPDF is inherently immune to data breaches regarding your personal documents. Once you close the browser tab, the files are wiped from memory.

REPORTING A VULNERABILITY

If you discover a vulnerability (such as a Cross-Site Scripting (XSS) vector or a dependency exploit) in the underlying JavaScript libraries, please report it by opening an issue on the repository.

There aren't any published security advisories