PDF Printing

Print.js was primarily written to help us print PDF files directly within our apps, without leaving the interface, and no use of embeds. For unique situations where there is no need for users to open or download the PDF files, and instead, they just need to print them.

One scenario where this is useful, for example, is when users request to print reports that are generated on the server side. These reports are sent back as PDF files. There is no need to open these files before printing them. Print.js offers a quick way to print these files within our apps.

PDF files must be served from the same domain as your app is hosted under. Print.js uses iframe to load files before printing them, therefore, it is limited by the Same Origin Policy. This helps preventing Cross-site scripting (XSS) attacks.

Example

Add a button to print a PDF file located on your hosting server:


 <button type="button" onclick="printJS('docs/printjs.pdf')">
    Print PDF
 </button>

Result:

For large files, you can show a message to the user when loading files. 


 <button type="button" onclick="printJS({printable:'docs/xx_large_printjs.pdf', type:'pdf', showModal:true})">
    Print PDF with Message
 </button>

Result:

The library supports base64 PDF printing: 


 <button type="button" onclick="printJS({printable: base64, type: 'pdf', base64: true})">
    Print PDF with Message
 </button>

Result:

HTML Printing

Sometimes we just want to print selected parts of a HTML page, and that can be tricky. With Print.js, we can easily pass the id of the element that we want to print. The element can be of any tag, as long it has a unique id. The library will try to print it very close to how it looks on screen, and at the same time, it will create a printer friendly format for it.

Example

Add a print button to a HTML form:


 <form method="post" action="#" id="printJS-form">
    ...
 </form>

 <button type="button" onclick="printJS('printJS-form', 'html')">
    Print Form
 </button>

Result:

Name:
Email:
Message:

Print.js accepts an object with arguments. Let's print the form again, but now we will add a header to the page:


 <button type="button" onclick="printJS({ printable: 'printJS-form', type: 'html', header: 'PrintJS - Form Element Selection' })">
    Print Form with Header
 </button>

Result:

Image Printing

Print.js can be used to quickly print any image on your page, by passing the image url. This can be useful when you have multiple images on the screen, using a low resolution version of the images. When users try to print the selected image, you can pass the high resolution url to Print.js.

Example

Load images on your page with just the necessary resolution you need on screen:


 <img src="images/print-01.jpg" />

In your javascript, pass the highest resolution image url to Print.js for a better print quality:


 printJS('images/print-01-highres.jpg', 'image')

Result:

Print.js uses promises to make sure the images are loaded before trying to print. This is useful when printing high resolution images that are not yet loaded, like the example above.

You can also add a header to the image being printed:


 printJS({printable: 'images/print-01-highres.jpg', type: 'image', header: 'My cool image header'})

Result:

To print multiple images together, we can pass an array of images. We can also pass the style to be applied on each image:


 printJS({
  printable: ['images/print-01-highres.jpg', 'images/print-02-highres.jpg', 'images/print-03-highres.jpg'],
  type: 'image',
  header: 'Multiple Images',
  imageStyle: 'width:50%;margin-bottom:20px;'
 })

Result:

JSON Printing

A simple and quick way to print dynamic data or array of javascript objects.

Example

We have the following data set in our javascript code. This would probably come from an AJAX call to a server API:


 someJSONdata = [
    {
       name: 'John Doe',
       email: 'john@doe.com',
       phone: '111-111-1111'
    },
    {
       name: 'Barry Allen',
       email: 'barry@flash.com',
       phone: '222-222-2222'
    },
    {
       name: 'Cool Dude',
       email: 'cool@dude.com',
       phone: '333-333-3333'
    }
 ]

We can pass it to Print.js:


 <button type="button" onclick="printJS({printable: someJSONdata, properties: ['name', 'email', 'phone'], type: 'json'})">
    Print JSON Data
 </button>

Result:

We can style the data grid by passing some custom css:


 <button type="button" onclick="printJS({
	    printable: someJSONdata,
	    properties: ['name', 'email', 'phone'],
	    type: 'json',
	    gridHeaderStyle: 'color: red;  border: 2px solid #3971A5;',
	    gridStyle: 'border: 2px solid #3971A5;'
	})">
    Print JSON Data
 </button>

Result:

We can customize the table header text sending an object array


 <button type="button" onclick="printJS({
	    printable: someJSONdata,
	    properties: [
		{ field: 'name', displayName: 'Full Name'},
		{ field: 'email', displayName: 'E-mail'},
		{ field: 'phone', displayName: 'Phone'}
	    ],
	    type: 'json'
        })">
    Print with custom table header text
 </button>

Result:

JSON, HTML and Image print can receive a raw HTML header:


<button type="button" onclick="printJS({
		printable: someJSONdata,
		type: 'json',
		properties: ['name', 'email', 'phone'],
		header: '<h3 class="custom-h3">My custom header</h3>',
		style: '.custom-h3 { color: red; }'
	  })">
	Print header raw html
</button>

Result:

Intitle Live View Axis Inurl View Viewshtml Top -

: Targets the specific file structure commonly used by older or specific configurations of Axis cameras to display the video feed.

To view their cameras remotely, users often configure port forwarding on their routers or place the camera inside a Demilitarized Zone (DMZ). If the camera is not properly secured behind a Virtual Private Network (VPN), it becomes entirely public to the global internet. The Security and Privacy Risks

The search query you provided is a Google Dork , a specific type of advanced search string used to locate vulnerable or publicly exposed internet-connected devices. This particular string is designed to find live video feeds from Axis Network Cameras that have been indexed by search engines. Exploit-DB Breakdown of the Query intitle:"Live View / - AXIS"

Google Dorking utilizes advanced search operators to filter this indexed data:

: Targets the specific file path structure used by the camera's internal web server to display the video feed. intitle live view axis inurl view viewshtml top

Ensure that the "Allow anonymous viewer login" option is disabled in the camera's system settings. Every user must be forced to authenticate before a video stream initializes. Update Firmware Regularly

Understanding the mechanisms of Google Dorking, the structure of camera URLs, and how to mitigate exposure is vital for network administrators aiming to secure their infrastructure. Anatomy of the Google Dork

: If you own an Axis camera, you can prevent it from appearing in such searches by setting a strong password for all accounts, disabling "Anonymous" viewing, and using Axis Secure Remote Access or a VPN instead of direct port forwarding. Axis Communications security hardening steps for an Axis camera, or more information on how Google Dorking AXIS P1367 Network Camera - Axis Documentation

: Older firmware versions or specific user configurations may allow anonymous viewing privileges, exposing the live video feed to the public without requiring a login. : Targets the specific file structure commonly used

If a device must be web-facing, configure a robots.txt file to explicitly forbid search engine crawlers from indexing the camera's directories.

: This keyword narrows down the search to specific frames or parameters within the Axis camera interface layout (often associated with the top navigation or viewing pane).

: Often, these cameras lack password protection, allowing anyone to view the live stream. Exposed via Port Forwarding

It's critical to understand that not every camera found by this Dork is maliciously placed. Many are "intentionally public" webcams, like traffic cams or scenic nature feeds. However, a significant number are that were never meant to be seen by the public. This represents a serious security and privacy risk. The Security and Privacy Risks The search query

<!-- #include virtual="/axis-cgi/param.cgi?action=list&group=root.Brand" --> <div id="imagecontainer"> <img src="/axis-cgi/mjpg/video.cgi?resolution=640x480" alt="Live Stream" /> </div> <!-- #include virtual="/axis-cgi/com/ptz.cgi?continuouspantilt=1" -->

Exposed feeds can lay bare corporate boardrooms, parking facilities, school hallways, and industrial plants. Threat actors can observe daily routines, watch inventory movements, and gain visual intel without authenticating. 2. Network Lateral Movement

| Risk | Description | |------|-------------| | | Attackers can monitor sensitive areas without permission | | Privacy violations | Public access to live feeds infringes on privacy rights | | Configuration changes | Vulnerabilities may allow unauthorized access to change settings | | Denial of service | Exposed streams can be overwhelmed, disabling surveillance | | Legal consequences | Organizations may face penalties under data protection laws |

This post is written from a security researcher's perspective, analyzing the search syntax, its implications for IoT exposure, and the technical breakdown of the Axis device interface.

Browser Compatibility

Currently, not all library features are working between browsers. Below are the results of tests done with these major browsers, using their latest versions.

Google Chrome
Safari
Firefox
Edge
Opera
Internet Explorer
PDF
HTML
Images
JSON

Thank you BrowserStack for the support. Amazing cross-browser testing tool.

intitle live view axis inurl view viewshtml top

Development and Support

Please report issues and feature requests in GitHub Issues.

If you have questions when implementing or using the library, ask about it in StackOverflow.

Pull requests are very welcome! Make sure your patches are well tested: README.md.

Print.js was built from the hard work of all these contributors.