Restricting Access to Documents

In some cases you may want to protect your documents in Print2Flash format with sensitive information from printing, copying text from it or from viewing it.

Protection from Printing

To prevent document viewers from printing the converted document you need to set Disable Printing checkbox in Protection Tab of Document Options window before document conversion. This option automatically disables Print button on the document toolbar as well as disable access to print function with keyboard shortcuts or using Print2Flash Document API.

At programmatic conversion you can disable printing by setting PROTDISPRINT flag in the ProtectionOptions property of Profile object or in the ProtectionOptions parameter of Enhanced Batch Processing.

Protection from Copying Text

To prevent document viewers from copying text from the converted document you need to set Disable Text Copying By User checkbox in Protection Tab of Document Options window before document conversion. This option auto0matically disables Select Text button on the document toolbar. If you want to disable text copying using Print2Flash Document API, you need to set Disable Text Copying With Document API option in the same window.

At programmatic conversion you can disable text copying by setting PROTDISTEXTCOPY and PROTDISTEXTCOPYAPI flags in the ProtectionOptions property of Profile object or in the ProtectionOptions parameter of Enhanced Batch Processing.

Protection from Viewing

Print2Flash documents are just regular Flash files that can be downloaded and shown in a web browser. Like any other kind of files they cannot prevent themselves from copying or downloading by external software. So usually if a user views a standard Print2Flash document in the Flash Player, it means this document is already somewhere on disk and user can in principle  re-open and view this document as many times as he wishes. If this is not what you intended, it may present a problem for you. Fortunately Print2Flash provides some kind of solution to this problem.

Protection from Storing of Documents in Browser Cache

Usually web browsers store downloaded resources including Print2Flash documents on disk to provide faster document retrieval when you open this document the next time. The area where such resources are stored is called the browser cache.

If you intention is to show documents only online in browser, you may be concerned that the documents already viewed by user are stored on disk. It means that an intelligent user can find the document in the cache, retrieve it from there and open it. However, you may prevent caching in the browser by sending these HTTP headers when returning Print2Flash documents from your web server:

Pragma: no-cache 
Cache-Control: no-cache,private,no-store,must-revalidate,max-stale=0,post-check=0,pre-check=0 
Expires: Mon, 26 Jul 1997 05:00:00 GMT

However, note that there are offline browsers that always cache downloaded files regardless of the headers. An example of such a browser is Ad Annihilator (www.adannihilator.com).

Restricting Access to Documents by Domain

You may achieve additional protection if you allow your documents to be viewed only when they are downloaded in the Flash Player from your site (domain). If a user stores this document on disk or retrieves it from disk cache or uploads it to another web site, this protection technique will not allow this document to be shown in these cases. Thus your documents appear to be "linked" to your site without a possibility to view them from other sites or disk.

To restrict access to documents by domain, you need to specify a list of allowed domains in the Protection tab of Document Options window. Then when you convert documents with Print2Flash, this list is stored in output Flash documents and used to check if access to document should be granted. When a protected document is opened, it checks the domain it has been loaded from and, if it matches one of the domains specified in the allowed list, the document is displayed to the user. Otherwise, the document is not displayed

For example, if your Flash documents are to be served only from your site with mysite.com domain, you need to add that domain to the allowed domain list. The effect of this will be the documents can be shown only when they are downloaded from this site (from a URL having "mysite.com" in its domain part). If this document is stored on disk or viewed from disk cache, the document will not be shown. If this document is uploaded to another site, it will not be shown from there either.

At programmatic conversion you can specify this allowed domains list using RestrictionDomains property of Profile object or in the RestrictionDomains parameter of Enhanced Batch Processing.

Custom Protection

The domain restriction technique is good enough but documents can still be shown offline in some offline browsers or other software that can fake the loading domain. For example, if an offline browser cached the document (regardless of the HTTP headers mentioned above) and loads it in the Flash Player making it think that the document is loaded from an original allowed site it was downloaded earlier from, the document will still be shown as the document has no way to know if it has been downloaded from cache in such a case.

Therefore, the most reliable technique would be making the document send a request to your web server each time a document is opened asking it for permission to display the document. This way your server will be in complete control of when and to whom the access to your documents is allowed. This requires a custom approach and some implementation on your server (the script answering viewing permission requests).

Please contact our support if you are interested in such kind of solution sending us a description of your document protection requirements. We might provide you with a custom solution tailored to your needs.