Please consider the following:
I have a website that users upload content to as PDF's. I would like to restrict access to this content in some way. The plan is for a PHP script to authenticate the user and then load a local PDF using PDF.JS so that is works on all devices.
I am making use of the viewer.js supplied code.
I have tried to use .htaccess to only allow PDF's to load if they come from the server IP address but with no avail - it appears to block any attempts to pull the PDF using PDF.js
Is there a way in PDF.JS to force it to load the file locally, rather than downloading it as a URL? Perhaps then I can just deny all in .htaccess and still allow PDF.js to load it?
Please bear in mind I am using the code found in viewer.js in the web directory of the stable download - I am unable to get any of the "Examples" on the PDF.JS site to work, specifically this line: var pdfjsLib = window['pdfjs-dist/build/pdf']; - This will be down to my limited knowledge. If anyone is able to explain this, bonus.
I am totally open to other ways to solve this problem, and I hope someone can tell me that this is an awful idea and provide a far better way to do it.
Edit
Just to confirm as I don't think I was very clear initially, I still want users to be able to view the content through the webpage that has the PDF.JS, however I don't want just anybody going to the direct URL path and being able to view the content.
