cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0
Upvote

Protect PDF from being downloaded through viewing the source

johncrumpton
New Here ,
Jul 20, 2021 Jul 20, 2021

Copy link to clipboard

Copied

For secure PDFs, such as embedding an expensive book for members-only, how can I stop them viewing the source and copying the URL into a browser to download the PDF?

 

Here's the part that they could copy-paste:

 

content:   {location: {url: "https://documentcloud.adobe.com/view-sdk-demo/PDFs/Bodea Brochure.pdf"}},

 

Encoding the PDF as a base64 doesn't seem to work looking through the forum, and would make a massive line of code for this book.

 

Perhaps setting something on the PDF file so that even if they download it, they can't open or print it.  I suspec this will affect the embedded file, so it might not be possible. Appreciate any thoughts, thanks in advance.

TOPICS
General , How to , PDF Embed API , PDF Services API

Views

298

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
replies 2 Replies 2
latest latest Jump to latest reply
Joel_Geraci Community Expert
Community Expert ,
Jul 21, 2021 Jul 21, 2021

Copy link to clipboard

Copied

The content can also be passed as a Promise that resolves to a ByteArray. You'd need app on your server that gets the PDF based on some sort of identifier instead of a URL. The PDF would be stored in a folder that's not accessible to the web.

 

That said, Embed API is no substitute for a real Digital Rights Management solution. It will keep honest people honest but it's not going to prevent a determined hacker from getting at the file.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
TAD Master
New Here ,
Nov 30, 2021 Nov 30, 2021

Copy link to clipboard

Copied

LATEST
In Response To Joel_Geraci

I had a suggestion that can help and would appreciate if Adobe looks into it: I have successfully got the EmbedPDF API to send a ByteArray  (Thanks to your Codepen example: https://codepen.io/practicalPDF/pen/vYLoKMj ) But securing it to prevent someone peering into the Network tab and capturing the "Response" on the Ajax call that gives the ByteArray is tough! 

My suggestion is based on the fact that Adobe whitelists my domain where I used EmbedAPI before I can use it.  I have to get the ClientID from Adobe first; before the viewer works.

Here is my suggestion:


Would it be possible for me to set a password when I register my domain with Adobe? Such a password can use standard CryptoJS based symmetric encryption. I can then safely encrypt the Bytearray using that standard symmetric encryption and send the encrpyted byteArray into the browser. Your webasm based reader can then check if my account has that password set; so your reader can silently decrypt the encrypted ByteArray. 

Doing all this at my end is tough, and works only crudely. But if Adobe implements it; it would be really a strong security! I sincerely hope this suggestion is considered. Thanks!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
FAQs
Sales FAQ
Technical FAQ
Copyright © 2024 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices