Allow secure browser download of large file hosted on client server
We have a requirement to allow secure browser download for large zip files, over 1 GB in size, hosted on the client server.
Pega simply needs to facilitate the download between the client server and end user's laptop, it doesn't need to stream the file or store it inside Pega's server.
The static HTTPs link to the file would look something like this "https://<client-server>/xyz.zip".
The design needs to serve the following requirements
1. Download link shouldn't be visible on hover or browser inspect
However, we believe the link can still be viewed using browser network trace or fiddler.
2. The download should only work from within the application. If a user somehow intercepts the link and pastes it on a browser, the download should be blocked.
>> We are thinking of using some form of short-lived TOKEN (JWT??) exchange between Pega and the client server, and then append this TOKEN to the download URL. Download to be initiated using href so that it doesn't consume Pega's server resources.
Do suggest if something along similar lines have been implemented in Pega before; or if there are better workarounds available?