Definitely a problem I experienced. Big fan of browserless.io. Though I didnt see any comment on the biggest problem in this space: SSRF.
Most HTML-to-PDF are deeply insecure and I am more than happy to pay someone else to deal with isolation and security. Report generators are often used to leak cloud secrets via the metadata API.
True. Security is a significant concern, and in our discussions with businesses, we realised that most of them do not want any kind of data leaving their own systems. This is especially true in the biotech/healthcare industry, but also in legal and banking. That's why we're considering an on-premises solution for the future (as we're focusing on B2B). However, I assume most people were talking about personal use cases or non-sensitive documents, hence the fact that no one mentioned SSRF (yet ;)).
Most HTML-to-PDF are deeply insecure and I am more than happy to pay someone else to deal with isolation and security. Report generators are often used to leak cloud secrets via the metadata API.