Range requests used by pdfjs are not isolated to URL bar domain
If a server sends the Accept-Ranges header + a (proper) Content-Length Tor Browser is starting range requests that are not isolated to the URL bar domain. You can test this e.g. with https://kpdyer.com/publications/usenix2014-fte.pdf. Works even in a third party context with https://people.torproject.org/~gk/misc/range-request-test.html (your security slider level needs to be below medium-high in this case).