Just updated to 2.1.1 without doing the code hacking you suggested above, as according to the new update, this issue is fixed. Unluckily, the PDF generation URL can still be accessed by a non-logged-in user. I simply copied the URL link from Chrome, where a user has logged in, to an IE browser where all history has been cleaned, but the PDF link can still be accessed.
Cheers!