Complete Feature Set

Everything your
PDF pipeline needs.

From parsing and rendering to XFA forms, compliance, OCR, and digital signatures — in one SDK, across every language.

XFA Forms Support

The only pure-Rust XFA engine in the world. Flatten dynamic forms, extract data, and execute FormCalc expressions with full compliance.

•Parse and render XFA templates
•Execute FormCalc calculations
•Extract structured data
•Flatten to static PDF

Blazing Fast Performance

36×* faster cold start and 3–5×* less peak memory than Java alternatives. Built in pure Rust for maximum efficiency.

•Zero-copy parsing
•Parallel processing
•Optimized memory usage
•Sub-millisecond operations

WebAssembly Ready

Compile to a ~3 MB Brotli-compressed WASM bundle (~10 MB uncompressed) that runs PDF processing entirely in the browser. No server uploads, complete privacy.

•Browser-native execution
•No server dependencies
•Offline capable
•Cross-platform compatibility

EU Compliance Built-in

PDF/A archiving, PDF/UA accessibility, and XRechnung/ZUGFeRD e-invoicing support out of the box.

•PDF/A-1, 2, 3 validation
•PDF/UA accessibility
•ZUGFeRD e-invoicing
•Long-term archiving

Digital Signatures

Create and verify PAdES signatures with LTV support, timestamping, and full certificate chain validation.

•PAdES-B, T, LT, LTA
•RFC 3161 timestamping
•Certificate validation
•Multiple signatures

OCR Text Recognition (Beta)

Local OCR with ocrs or cloud adapters for Mistral, Google, AWS, and Azure. Extract text from scanned documents. OCR is in active development — contact us for production use cases.

•Local processing with ocrs
•Cloud API integrations
•Multi-language support
•High accuracy rates

No C/C++ Runtime

Pure Rust — no JVM, no C++ runtime, no system library dependencies. Ship a single binary. Deploy to containers, serverless functions, or air-gapped servers without compatibility headaches.

•No Java runtime required
•No C/C++ system libraries
•Single portable binary
•WASM-compilable (no native deps)

Security

Built safe by default.

The SDK runs in production on untrusted, arbitrary PDFs from end users. That's a large attack surface. Rust eliminates entire classes of vulnerability at compile time.

No buffer overflows

Rust's type system and borrow checker make buffer overflows and use-after-free impossible. Memory safety is enforced at compile time — not by a GC, not at runtime.

Zero C/C++ transitive deps

PDFium, Ghostscript, and libpoppler accumulate dozens of CVEs per year. PDFluent has no C or C++ dependencies — there is no native layer to exploit.

Sandboxable

Pure Rust means no JNI, no FFI, no dynamic linking to system libs. The binary runs inside seccomp or a WASM sandbox without any special configuration.

No memory-unsafe runtime

Memory-unsafe runtimes (C++, JVM) introduce classes of vulnerabilities — buffer overflows, use-after-free, deserialization gadgets — that Rust eliminates by design. None of these attack vectors exist in PDFluent.

Statically-linked binary

Dynamically-linked native PDF libraries load shared objects (.so/.dll) into the host process; a vulnerability in the library compromises the process. PDFluent ships as a single statically-linked binary with no runtime native dependencies.

Auditable single language

The entire codebase is Rust — no native blobs, no minified JS, no binary-only components. Security auditors can read every line that runs.

Relevant if you process PDFs from e-mail, web uploads, or external APIs — environments where files may be deliberately malformed or weaponised. Why memory safety matters

* Performance claims measured on AMD EPYC 7502P, single-threaded, 20,000-PDF corpus. Full methodology →

Ready to get started?

30-day evaluation — full SDK, no watermarks, no credit card.

Download Evaluation →View Pricing

Everything yourPDF pipeline needs.