Some test text!


WebViewer Server Configuration Options

In this document you will find all available WebViewer Server configuration options. All the options here are configured within the docker-compose.yml file. For more information on docker-compose, visit the Docker website.

Setting docker variables
When modifying Docker arguments and environment variables, booleans must be surrounded by single quotes, in this manner: 'true' or 'false'

linkServer configuration

The options here can be configured by restarting the container with any changes. This can be done by restarting the container through docker-compose restart.

Server configuration is most easily done via docker-compose.yml, located in the root of the WebViewer Server zip. The configuration is handled through environment variables set in the container, and they are as follows:

General Options

Security Options

Deployment Options

Debug Options

linkGeneral Options

linkAdd Your PDFNet Key

To add your PDFNet key to the WebViewer Server the key must be set on the TRN_PDFNet_Key option in docker-compose.yml (you do not need to set this property if you are demoing our software). This key must also be set in your WebViewer client constructor. This guide details how to add a license key to the constructor.

linkWebViewer Server Demo

WebViewer server comes with a demo that can be used for testing and debugging purposes. To remove this demo from the container set INCLUDE_DEMO to false. If not set to false, the demo is accessible at http://<HOSTIPADDRESS or localhost>:8090/demo?s

linkCustomize server URL

To access the server from a different internal URL, adjust the URL_PREFIX options in docker-compose.yml. For example, with the option value URL_PREFIX: custom-prefix, the demo would be available at http://<HOSTIPADDRESS or localhost>:8090/custom-prefix/demo/?s

linkConfiguring the maximum age of the local cache

TRN_MAX_CACHE_AGE_MINUTES determines how long the local document cache will be kept before deletion. It accepts a number in minutes for deletion time with a minimum of 30 minutes. Refer to this guide for more info about cache interactions.

linkConfiguring the maximum size of the local cache

TRN_MAX_CACHED_MB to configure the maximum size of the local cache before a forced deletion will occur. This should be set to 10% lower than the available space to WebViewer Server. Accepts a number in megabytes. Defaults to 1GB if not set. Refer to this guide for more info about cache interactions

linkForce lossless images

Setting the environment variable TRN_FORCE_LOSSLESS_IMAGES to true will force the server to use lossless images when creating PDF image tiles. This option is required if performing differential layering with the WebViewer client to avoid image artifacts when highlighting document differences.

linkDisable client side rendering

Setting the environment variable TRN_DISABLE_CLIENT_SIDE_RENDERING to true in the server container will cause webviewer to stick with the server-rendering image backend and not switch to a more efficient client side option at any point. This option will create a greater load on the server.

linkSecurity Options

linkFetch Timeout

If the server has the environment variable TRN_FETCH_TIMEOUT_MS set, the server will set the timeout to the value specified in milliseconds. This value is the time it takes before a timeout occurs when opening a connection and when waiting for the first byte of a requested file. The default value is 20000 milliseconds.

linkRelative URL

If the server container has the environment variable TRN_FETCH_DEFAULT_BASE_ADDR set, any incoming URL to the server will be TRN_FETCH_DEFAULT_BASE_ADDR + the incoming url when the server attempts to fetch it.

linkURL root restriction

If the server container has the environment variable TRN_FETCH_REQUIRED_URL_ROOTS set, then each URL will be checked against its value before initiating any fetch routine. You may specify more than one possible URL root by seperating addresses with semicolons:


This check is done after any URL alteration performed due to the above TRN_FETCH_DEFAULT_BASE_ADDR option. For example, if TRN_FETCH_REQUIRED_URL_ROOTS ==, then the document would be be allowed, but both and would fail. The protocol is not part of this check, and will be ignored if it is included in TRN_FETCH_REQUIRED_URL_ROOTS.

linkSame domain cookie forwarding

If the server container has specified TRN_FORWARD_CLIENT_COOKIES as true, cookies a client has received from another server on the same domain will be shared with the WebViewer Server. This can allow cookie based authorization schemes to pass their cookies for the server to use.

linkForce URL Rechecking

TRN_FORCE_URL_RECHECK should be set to true if you want to check the accessiblity of a document's original url whenever performing an action with this document. This ensures the document is still accessible to the user requesting it, preventing them from gaining access to documents that may have expired.

linkRestrict client origins

TRN_ALLOWED_ORIGINS should be set to the origin of the site your clients will be accessing WebViewer from. This will ensure WebViewer Server will only accept requests from that site. If this option is not defined, any origin is allowed. This option can be passed domains seperated by a comma.


linkDisable client side PDF access

Setting the environment variable TRN_DISABLE_CLIENT_PDF_ACCESS to true will prevent the server from sending the PDF directly to the client, preferring other display modes instead (like server-side image rendering or .xod). Intended to protect sensitive documents by ensuring that only derived data (like rendered pages) are ever sent to the client.

linkAccess Control

Locks user document links to user sessions so they are inaccessible to other users with the document link. Set TRN_ENABLE_SESSION_AUTH to true to enable this feature.

During the course of normal operation, WebViewer server will generate static content like rendered pages or document metadata and make it accessible to clients via an obfuscated URI. While this link is unguessable, it is not access-limited by default -- if a client shares or leaks the link, it could be accessible by third parties. By enabling the option, it will ensure that this URL is only accessible to the client who initiated the connection. This will add a small amount of overhead to each connection, and hinder the viewing of thumbnails in the demo application.

linkSession caching

By setting TRN_ENABLE_PER_SESSION_CACHING to true, cached files will be stored behind a session identifier path on the server. Enable this with TRN_ENABLE_SESSION_AUTH for completely user session secure documents. This will prevent the server from allowing clients who request a document, that has already been fetched, from accessing a version cached by a different user. With these features both enabled, most caching will be disabled and the server will take a performance hit.

linkDisable fetch validation

TRN_DISABLE_VALIDATION should be set to true to disable HTTPS link validation. HTTPS link validation is done whenever a file url is passed to WebViewer Server. Enabling this option will leave your system unsecure, but will allow for fetching of file urls with invalid certificates. This should only be used if your setup has been properly secured for this scenario or you are testing the server without public access.

linkDeployment Options

linkClient stickiness refresh

If running the server in a distributed environment we offer an argument for improving user stickiness when using cookies to manage stickiness. Set `TRNBALANCERCOOKIE_NAME** to the name of your stickiness cookie. Once set, WebViewer will delete the stickiness cookie whenever opening a new document. This allows users to only be stuck on a particular server on a per document basis.

In order to use this option your environment must allow WebViewer Server to delete cookies server side.

linkUsing WVS on Azure Webapps

DEPRECATED: Starting with version 1.5.2, the container will always run as a userTRN_AZURE_WEBAPP_COMPAT should be set to true if you are using the WebViewer Server Docker image on an Azure WebApp for Containers. This option forces all internal programs to run as a root user, this is required due to non-root users not being properly supported in Azure WebApps for Containers.

We do not recommend running on Azure WebApps, as the only options for servers in this service only offer low read/write options.

linkReadable timestamps on Windows WebViewer Server

Windows Installer Only

By default timestamps appear in the UNIX time format. When using Docker this timestamp is automatically converted. To do the same on Windows, you should set the option TRN_FORCE_READABLE_TIMESTAMPS to true.

linkDebug Options

linkDisable HTTPS

If the environment variable TRN_FETCH_DOWNGRADE_HTTPS is set, then all fetches originating from the docker server will be made as http, rather than https.

Get the answers you need: Support


Free Trial

Get unlimited trial usage of PDFTron SDK to bring accurate, reliable, and fast document processing capabilities to any application or workflow.

Select a platform to get started with your free trial.

Unlimited usage. No email address required.