Even if you could disable the key for the Adobe ActiveX control, that would only affect Internet Explorer running on Windows. Other browsers and operating systems would use different software to display a PDF file, and your solution would not work.
You could try writing your own viewer using something like
pdf.js[
^], which would give you a consistent experience across all devices, and give you more control over what the user can and cannot do.
However, that still wouldn't prevent a user from taking a screen-shot using the browser developer tools. Or taking a screen-shot of the browser window itself. Or using the phone to take a picture of the screen. Or using their browser's developer tools to save the downloaded PDF file. Or using an external network sniffer to save the downloaded PDF file. Etc, etc, etc.
If the user can view the file in their browser, then they can download a copy of the file to view outside of their browser. No matter what you do to make it harder for the user to download the file, they will find a way around it. And the harder you try to stop them, the harder they'll try to circumvent it - after all, if you're going to so much effort to block them, then it
must be worth getting, right?
(Google "the Streisand effect" for details.)
Submit an article or tip