Get started
Comparison

PDF4.dev vs wkhtmltopdf

wkhtmltopdf was a popular HTML-to-PDF tool, but it's now deprecated, uses a 2012-era rendering engine, and has known security vulnerabilities. PDF4.dev uses modern Chromium with a full editor, API, and dashboard.

Updated March 2026

This comparison is published by PDF4.dev. We aim for accuracy but acknowledge our perspective.

TL;DR

Choose PDF4.dev if you want

  • Modern CSS rendering (flexbox, grid, variables)
  • A visual editor your team can use
  • A REST API with authentication
  • Active maintenance and security updates
  • Full JavaScript and web font support

Choose wkhtmltopdf if...

  • Honestly, there's no good reason to start a new project with it
  • The project is archived and unmaintained
  • Known security vulnerabilities remain unpatched
  • The rendering engine is over a decade old
  • If you're already using it, PDF4.dev is a straightforward upgrade

Feature-by-feature comparison

FeaturePDF4.devwkhtmltopdf
StatusActively maintainedDeprecated (archived)
Rendering engineModern ChromiumQt WebKit (2012)
CSS3 supportFull (flexbox, grid, variables)Partial (no flexbox, no grid)
JavaScriptFull ES2024Limited (old V8)
Template editorCode + visual editorNone (CLI only)
Live previewReal-time with accurate dimensionsNone
APIREST API with authCLI only (build your own)
Template managementBuilt-in CRUD + dashboardNone
SecuritySandboxed ChromiumKnown SSRF vulnerabilities
Web fontsFull Google Fonts supportLimited
Docker supportOfficial imageComplex system deps
Free PDF tools24 browser-based tools (compress, merge, split...)None
Batch generationCSV upload, variable mapping, ZIP downloadNone
Reusable componentsHeaders, footers, blocks: shared across templatesNone
AI agent support (MCP)Built-in MCP server (Claude, ChatGPT, Cursor...)None

Security concerns

wkhtmltopdf has well-documented security vulnerabilities, including Server-Side Request Forgery (SSRF) that allows attackers to read local files or make requests to internal services through crafted HTML input.

The project is archived on GitHub: no security patches will be released. If you're processing user-provided HTML (invoices with custom fields, user-generated content), this is a serious risk.

PDF4.dev uses Playwright with a sandboxed Chromium instance. Pages run in isolation with no access to the host filesystem or network beyond what you explicitly allow.

Migration is easy

Since PDF4.dev uses standard HTML/CSS with a modern Chromium engine, your existing HTML templates will render better out of the box. No template rewrite needed: just better output.

  • CSS that didn't work: flexbox, grid, custom properties, and modern selectors now render correctly
  • Web fonts: Google Fonts and custom @font-face rules just work
  • JavaScript: charts (Chart.js, D3), dynamic tables, conditional rendering: all supported
  • CLI to API: replace your shell command with a single POST request

Frequently asked questions

Useful resources

Free tools

HTML to PDF converterMerge PDF

From the blog

HTML to PDF benchmark 2026CSS print styles: the complete guide

Other comparisons

vs PDFMonkeyvs DIY Puppeteervs DocRaptorvs WeasyPrintvs jsPDFvs Gotenbergvs PDFShiftvs PDFKitvs html2pdf.js

Time to upgrade

Replace wkhtmltopdf with a modern, maintained solution. Set up in 5 minutes.

Get started