The OneDrive team has been hard at work so you can more easily access, share, and collaborate on all your files from anywhere. April 2019 brought a slew of updates to OneDrive in Office 365 – from a...
Updated May 10, 2019
Version 4.0
Blog Post
KoushikBanerjee No whitepaper at the moment. This feature works the same way as it does for "Anyone with the link" and "People in my organization with the link" links.
If you are familiar with Permissions and Permission Levels in SharePoint, there are two similar but different permissions: View Items and Open Items. When people click on links which block download, they are assigned the Restricted View permission level which includes the View Items permission but not the Open Items permission.
Users need the Open Items permission in order to download source content from SharePoint. Therefore, any direct requests made by the user to the content will result in "403 Forbidden" since they are not allowed to retrieve the content. Note that the content itself is not protected by RMS or IRM or anything like that. We are just restricting downloads based on what permissions a user has to the resource.
Users that can't download are only able to view Office files in Office Online which works both on desktop and mobile platforms. But, because the user lacks the permissions necessary to download then they won't be able to open the file in Office desktop apps or any other app which downloads the file as part of opening or previewing it.
Hope that helps.