LocalForgeBack to tools

How It Works

Every file you process stays on your device. Here is the technology that makes it possible.

The Architecture

1. File Stays in Your Browser

When you select a file, it is loaded into your browser's memory using the File API. The file data is represented as an ArrayBuffer - raw bytes in local RAM. No network request is made.

2. Web Workers Process Your File

Processing happens in a separate thread (Web Worker) so your browser stays responsive. The worker receives the file data via postMessage and processes it entirely in memory.

3. WebAssembly Powers Heavy Lifting

For PDF manipulation, we use pdf-lib.js compiled to efficient bytecode. For background removal, ONNX Runtime Web runs neural networks directly in your browser using WebAssembly.

4. Result Created Locally

The processed result is stored as a Blob URL in your browser's memory. When you click download, the file is saved directly from memory to your disk - no server involved.

Technology Stack

PDF Processing

pdf-lib.js

Pure JavaScript PDF manipulation library that runs entirely in the browser. Handles compression, merging, splitting, and page extraction.

Image Compression

browser-image-compression

Client-side image compression using Web Workers. Supports JPEG, PNG, and WebP with adjustable quality.

Background Removal

ONNX Runtime Web

Runs machine learning models (U-Net architecture) directly in your browser using WebAssembly. Same quality as cloud AI services.

HEIC Conversion

libheif-js (WASM)

WebAssembly port of the libheif library for decoding Apple HEIC/HEIF images without uploading.

File Hashing

Web Crypto API

Built-in browser API for computing MD5, SHA-256, and SHA-512 hashes. No external libraries needed.

QR Generation

qrcode (client-side)

Pure JavaScript QR code generation with customizable colors and sizes. Renders directly to canvas.

Security Measures

File Validation

Triple validation: extension check, MIME type verification, and magic byte analysis to prevent malicious file processing.

Memory Cleanup

All Blob URLs are automatically revoked after 5 minutes. ArrayBuffers are released after processing.

Content Security Policy

Strict CSP headers with nonce-based script loading prevent any unauthorized code execution.

Filename Sanitization

All filenames are sanitized to prevent path traversal, XSS, and other injection attacks.

Network Isolation

Zero external requests during file processing. Verifiable via our Network Inspector or browser DevTools.

No Analytics

No tracking pixels, no analytics scripts, no third-party cookies. Your usage is completely private.

Verify It Yourself

Open your browser DevTools (F12), go to the Network tab, and process any file. You will see zero external requests.