Problem Statement: Presently the PDF Viewer requires the developer to provide an HTTPS URI that points to a document which is available anonymously (does not require authentication). This creates a situation where you cannot show secure reports such as a financial statement or perhaps an document with personally identifiable information. The unfortunate part of the current solution is that even if the developer can secure the PDF content, we cannot hand it directly to the control which is a far more secure methodology and would seem to require more effort on Microsoft's part.
Proposal: Follow same approach as the HTML View control and let us set the PDF Content field with the document in question. This way we can retrieve thet PDF content from Azure Storage or some other location and directly hand it to the PDF control in a very secure manner and with less chance of failure due to network connectivity and authentication issues.