Search code examples
phpsslcurlhttpsmpdf

mpdf broken images over https

I'm using mpdf to generate pdfs. All fine, until I switched to https. After that, pdfs are still correctly generated, but images are broken. Their sources are correctly written with https protocol on the php template. And I also tried to use only relative paths. Nothing.

The following is sample code form my class:

  public function save_pdf($translate = false){
    $this->mpdf = new \Mpdf\Mpdf();
    $this->mpdf->CSSselectMedia='mpdf';
    //$this->mpdf->showImageErrors = true; // this will log errors into the php log file

    $ch = curl_init($this->pdf_css_path . '/configurator-pdf.css');
    // this disables ssl check: unsafe
    if($this->disable_ssl_check) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    $css = curl_exec($ch);
    curl_close($ch);

    $template = ($translate) ? $this->pdf_template_url : $this->pdf_template_url_it;
    $filename = ($translate) ? $this->pdf_name : $this->pdf_it_name;
    $_POST['cid'] = $this->cid;

    $json = json_encode($_POST);

    $ch = curl_init($template);
    // this disables ssl check: unsafe
    if($this->disable_ssl_check) curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
    curl_setopt($ch, CURLOPT_HTTPHEADER, [ 'Content-Type: application/json', 'Content-Length: ' . strlen($json) ]);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $json);
    $html = curl_exec($ch);
    curl_close($ch);

    $this->mpdf->WriteHTML($css, 1);
    $this->mpdf->WriteHTML($html, 2);

    $pdf = $this->pdf_destination_path . DS . $filename;
    $this->mpdf->Output($pdf, \Mpdf\Output\Destination::FILE);
  }
Solution

  • Found a solution here:

    Images with https in mpdf

    We can set this

    //note: using $this only because in my case mpdf is a class prop
$this->mpdf->curlAllowUnsafeSslRequests = true;

    And automagically it will solve, at least with my program above. Obviously, this is not a 'secure' solution especially if the images and/or contents are unknown/unpredictable. You should otherwise strive to get a working certificate. Two good articles about cert settings are these:

    https://welaunch.io/plugins/woocommerce-pdf-catalog/faq/images-pdf-displays-red-cross-https-mpdf/

    https://medium.com/@f.h.ferreira/file-get-contents-ssl-operation-failed-php-4297ad92977f

    This last in particular also gives links to https://curl.haxx.se/ and its certificates. I didn't tested though.