feat(pdf-viewer): add proxy endpoint to bypass CSP for PDF loading

- Created /api/pdf-proxy route
- PDF viewer now uses proxy for URL loading
- Bypasses Content-Security-Policy restrictions

app/api/pdf-proxy/route.ts

@@ -0,0 +1,29 @@
+import { NextResponse } from "next/server";
+
+export async function GET(request: Request) {
+  const { searchParams } = new URL(request.url);
+  const url = searchParams.get("url");
+
+  if (!url) {
+    return NextResponse.json({ error: "No URL provided" }, { status: 400 });
+  }
+
+  try {
+    const response = await fetch(url);
+    if (!response.ok) {
+      return NextResponse.json({ error: "Failed to fetch PDF" }, { status: response.status });
+    }
+    
+    const arrayBuffer = await response.arrayBuffer();
+    
+    return new NextResponse(arrayBuffer, {
+      headers: {
+        "Content-Type": "application/pdf",
+        "Content-Disposition": "inline",
+        "Cache-Control": "public, max-age=3600",
+      },
+    });
+  } catch (error) {
+    return NextResponse.json({ error: "Failed to fetch PDF" }, { status: 500 });
+  }
+}