I Built a Browser-Based PDF Converter to Stop Uploading Sensitive Files to Random Sites Tags: #showdev #webdev #javascript #privacy

Source: Dev.to

Overview

After uploading what felt like the 100th sensitive contract to a “free” PDF site, I realized I had no idea where those files were going. To keep documents private, I built BunnyConvert, a suite of 24 PDF tools that run entirely in the browser using JavaScript.

Features

• Sign PDF – cursive fonts, drag‑to‑position signature placement (touch + mouse)
• Merge / Split / Compress / Rotate PDFs
• Convert JPG/PNG/HEIC → PDF
• Export PDF → Word / Excel / PowerPoint / Image
• Watermark, Protect, Unlock PDFs
• Image Resize and CSV ↔ JSON conversion
• Vanilla JS frontend (no React/Vue)

Technical Details

• pdf-lib for PDF manipulation
• pdf.js for rendering PDFs in the browser
• heic2any for HEIC decoding
• Capacitor for Android wrapper
• Supabase for opt‑out analytics (no data is sent unless the user opts in)

All processing happens client‑side; files never touch a server. You can verify this in the DevTools Network tab—there are zero outbound file requests.

Notable Challenges

• pdf-lib’s StandardFonts don’t support Turkish characters, so I embedded a custom TTF.
• Achieving DocuSign‑like signature placement with vanilla JS required handling both touch and mouse drag events.
• AdMob production approval can take 2–4 weeks for new publishers due to “limited ad serving” restrictions.

Privacy

Because every operation runs locally, your documents stay on your device. The only network activity is optional analytics, which can be disabled.

Pricing

• Free tier – daily credits for limited usage.
• Pro tier – $4.99 / month for unlimited conversions and an ad‑free experience on mobile.

Links

• Web app: