Introduction
The Viewer can be configured to disable UI buttons that will allow an end user to easily duplicate the content of a document.
The following UI buttons can be disabled using configuration options:
- Download [document] button - Hide the button to download the original document.
- Select text button - Hide the button to select the text selection mouse tool, which inhibits the user’s ability to select and copy selected text.
- Print button - Hide the button to print the document.
Example
// DRM options are controlled through the viewer’s options argument. var pluginOptions = {
documentID: viewingSessionId,
language: languageItems,
template: htmlTemplates,
uiElements: {
download: false, // hide download button
copyPaste: false, // hide select text tool button
printing: false // hide print button
},
};
$("#myDiv").pccViewer(pluginOptions);
Server-Side DRM
DRM options for the Viewer are enforced only in the Viewer UI. A skilled end user can manipulate the browser to circumvent the viewer-based DRM enforcement.
Techniques a skilled user can use to circumvent viewer-based DRM enforcement:
- Edit the JavaScript run by the browser, which allows them to:
- Change the plugin options for DRM.
- Directly call the API of the viewer control to print or set the select text tool.
- Directly call the server API to download the original document.
Additional security measures can be added using server-side code changes which are listed below:
Document Download
-
Create a new viewerTemplate.html file that excludes the document download button (data-pcc-download).
-
Using this technique, the download button will not be available, regardless of the plugin options.
NOTE: Refer to the Customizing the Viewer section for details on using the viewerTemplate.html.
-
Copying Text
There are not any server-side techniques to strengthen DRM enforcement of copying text. However, removing the text selection control from the UI will require the user to understand the text selection API in order to enable it on the Viewer. The manner in which the product renders SVG also makes it nearly impossible to copy text just using a browser’s text selection capability.
Printing
-
Create a new viewerTemplate.html file that excludes the print button (data-pcc-print="launch").
-
Using this technique, the print button will not be available, regardless of the plugin options.
NOTE: Refer to the Customizing the Viewer section for details on using the viewerTemplate.html.
-
-
Exclude the print template from the configuration object passed to the Viewer (pluginOptions.template.print).
- This can be controlled by the server-side code that generates the page.
- Using this technique, the ViewerControl#print(options) method will be non-functional.
Content Encryption
For an added layer of security, Content Encryption can be enabled to provide an obscured transfer of data from the PrizmDoc Server to the Viewer website, preventing unauthorized agents from discerning the content being transmitted. See Enabling Content Encryption for more information.
PrizmDoc Viewer is not designed or intended to be a fail-proof DRM system but does provide a few basic security measures to prevent most users from unintentionally accessing content to which they are not authorized.