Protect PDF from being downloaded through viewing the source

New Here ,
Jul 20, 2021 Jul 20, 2021

Copy link to clipboard

Copied

For secure PDFs, such as embedding an expensive book for members-only, how can I stop them viewing the source and copying the URL into a browser to download the PDF?

 

Here's the part that they could copy-paste:

 

content:   {location: {url: "https://documentcloud.adobe.com/view-sdk-demo/PDFs/Bodea Brochure.pdf"}},

 

Encoding the PDF as a base64 doesn't seem to work looking through the forum, and would make a massive line of code for this book.

 

Perhaps setting something on the PDF file so that even if they download it, they can't open or print it.  I suspec this will affect the embedded file, so it might not be possible. Appreciate any thoughts, thanks in advance.

TOPICS
General , How to , PDF Embed API , PDF Services API

Views

105

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Jul 21, 2021 Jul 21, 2021

Copy link to clipboard

Copied

The content can also be passed as a Promise that resolves to a ByteArray. You'd need app on your server that gets the PDF based on some sort of identifier instead of a URL. The PDF would be stored in a folder that's not accessible to the web.

 

That said, Embed API is no substitute for a real Digital Rights Management solution. It will keep honest people honest but it's not going to prevent a determined hacker from getting at the file.

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Nov 30, 2021 Nov 30, 2021

Copy link to clipboard

Copied

LATEST

I had a suggestion that can help and would appreciate if Adobe looks into it: I have successfully got the EmbedPDF API to send a ByteArray  (Thanks to your Codepen example: https://codepen.io/practicalPDF/pen/vYLoKMj ) But securing it to prevent someone peering into the Network tab and capturing the "Response" on the Ajax call that gives the ByteArray is tough! 

My suggestion is based on the fact that Adobe whitelists my domain where I used EmbedAPI before I can use it.  I have to get the ClientID from Adobe first; before the viewer works.

Here is my suggestion:


Would it be possible for me to set a password when I register my domain with Adobe? Such a password can use standard CryptoJS based symmetric encryption. I can then safely encrypt the Bytearray using that standard symmetric encryption and send the encrpyted byteArray into the browser. Your webasm based reader can then check if my account has that password set; so your reader can silently decrypt the encrypted ByteArray. 

Doing all this at my end is tough, and works only crudely. But if Adobe implements it; it would be really a strong security! I sincerely hope this suggestion is considered. Thanks!

Likes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources