Re: Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

A correction to my previous post: since THE_REQUEST looks like "GET /foo/bar/baz.pdf HTTP/1.0", the regex used needs to match the space between "pdf" and "HTTP", so this mod works better:

RewriteCond %{THE_REQUEST} .*\.pdf[^\wA-Za-z0-9._?&%-]

Again, YMMV depending on what characters you expect to be valid trailing ".pdf" in your application.
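
An added example, not part of the original post: a Python check of which request lines the RewriteCond pattern above matches, so the set of characters allowed after ".pdf" can be tested before deployment. It assumes Python's `re` with `re.ASCII` behaves like Apache's PCRE for this pattern; the function names and the sample request lines are constructed for illustration.

```python
import re

# Pattern copied verbatim from the RewriteCond in the post.
# Apache applies RewriteCond patterns unanchored, so re.search is the analogue.
# Assumption: re.ASCII keeps \w to [A-Za-z0-9_], as in Apache's default PCRE mode.
COND = re.compile(r'.*\.pdf[^\wA-Za-z0-9._?&%-]', re.ASCII)


def cond_trailing_char(request_line):
    """Return the character after ".pdf" that made the condition match,
    or None when the condition does not match."""
    m = COND.search(request_line)
    return m.group(0)[-1] if m else None


# Constructed sample values of THE_REQUEST (not taken from real traffic).
SAMPLES = [
    "GET /foo/bar/baz.pdf HTTP/1.0",        # space before HTTP
    "GET /foo/bar/baz.pdf?id=7 HTTP/1.0",   # '?' is in the allowed set
    "GET /foo/bar/baz.pdf%23x HTTP/1.0",    # '%' is in the allowed set
    "GET /foo/bar/baz.pdf/extra HTTP/1.0",  # '/' is not in the allowed set
    "GET /foo/bar/baz.pdf;x HTTP/1.0",      # ';' is not in the allowed set
    "GET /foo/bar/baz.pdfx HTTP/1.0",       # word character, covered by \w
    "GET /index.html HTTP/1.0",             # no ".pdf" at all
]


def report(lines=SAMPLES):
    """Pair each request line with the character that triggered the match."""
    return [(line, cond_trailing_char(line)) for line in lines]


if __name__ == "__main__":
    for line, ch in report():
        verdict = "matches on %r" % ch if ch is not None else "no match"
        print("%-42s %s" % (line, verdict))
```

Adding a character to or removing one from the bracket expression and re-running shows how the match set changes for your application's URLs.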
