diff --git a/blueprints/client/requests.py b/blueprints/client/requests.py
index 80c3417..0142af7 100644
--- a/blueprints/client/requests.py
+++ b/blueprints/client/requests.py
@@ -1,9 +1,20 @@
+import logging
 import math
 import uuid
-
-from flask import abort, flash, g, redirect, render_template, request, url_for
+from io import BytesIO
+
+from flask import (
+    abort,
+    flash,
+    g,
+    redirect,
+    render_template,
+    request,
+    send_file,
+    url_for,
+)
 from sqlalchemy import String, and_, cast, func, or_, select
-from sqlalchemy.orm import selectinload
+from sqlalchemy.orm import joinedload, selectinload
 
 from blueprints.client._helpers import (
     DIETARY_FLAGS,
@@ -39,6 +50,8 @@
 )
 from services.quotes import calculate_quote_totals
 
+logger = logging.getLogger(__name__)
+
 
 # Filter tabs visible on /client/requests. Each tab maps to one of the
 # values _derive_request_display_status() returns (or "all").
@@ -59,6 +72,11 @@
     QuoteStatus.expired,
 )
 
+# Mirror of the cap on caterer/requests.py: refuse to render a quote
+# whose line items list is implausibly long. Stops a malicious or
+# corrupted row from saturating the WeasyPrint worker.
+_MAX_PDF_LINES = 500
+
 
 def _derive_request_display_status(qr):
     """Collapse QR.status + quote presence into a single client-facing code.
@@ -542,6 +560,66 @@ def refuse_quote(request_id):
         flash("Devis refuse.", "info")
         return redirect(url_for("client.request_detail", request_id=request_id))
 
+    @bp.route("/requests/<uuid:request_id>/quote/<uuid:q_id>/pdf", methods=["GET"])
+    @login_required
+    @role_required("client_admin", "client_user")
+    @limiter.limit("20 per minute")
+    def quote_pdf(request_id, q_id):
+        """Download a received quote as a server-rendered PDF.
+
+        Mirrors `caterer.quote_pdf` but the scope check goes the other
+        way: the quote must belong to a request the viewer's company
+        owns. Reuses `services.quote_pdf.render_quote_pdf` so the file
+        looks identical to what the client sees in the in-app preview
+        modal (same template, same totals).
+        """
+        # Lazy import — WeasyPrint pulls Cairo/Pango bindings at import
+        # time. Same rationale as caterer.quote_pdf.
+        from services.quote_pdf import render_quote_pdf
+
+        user = g.current_user
+        db = get_db()
+        quote = db.scalar(
+            select(Quote)
+            .options(
+                selectinload(Quote.lines),
+                joinedload(Quote.caterer),
+                joinedload(Quote.quote_request).options(
+                    joinedload(QuoteRequest.company),
+                    joinedload(QuoteRequest.user),
+                ),
+            )
+            .where(Quote.id == q_id)
+            .where(Quote.quote_request_id == request_id)
+            # Drafts are caterer-only — refuse to serve a brouillon PDF
+            # to the client even if they guess the URL. Allow-list
+            # rather than `!= draft` so a future status doesn't leak by
+            # default.
+            .where(Quote.status.in_(_QUOTE_RECEIVED_STATUSES))
+        )
+        # Company-scope check: 404 instead of 403 so we don't leak the
+        # existence of a quote outside the viewer's perimeter.
+        if not quote or quote.quote_request.company_id != user.company_id:
+            abort(404)
+        if len(quote.lines) > _MAX_PDF_LINES:
+            abort(413)
+
+        pdf_bytes = render_quote_pdf(quote, quote.quote_request, quote.caterer)
+        logger.info(
+            "quote_pdf_downloaded company_id=%s user_id=%s quote_id=%s reference=%s lines=%d",
+            user.company_id,
+            user.id,
+            quote.id,
+            quote.reference,
+            len(quote.lines),
+        )
+        return send_file(
+            BytesIO(pdf_bytes),
+            mimetype="application/pdf",
+            as_attachment=True,
+            download_name=f"devis-{quote.reference}.pdf",
+        )
+
     @bp.route("/requests/<uuid:request_id>/edit", methods=["GET"])
     @login_required
     @role_required("client_admin", "client_user")
diff --git a/templates/caterer/requests/detail.html b/templates/caterer/requests/detail.html
index c03dc54..a9eea42 100644
--- a/templates/caterer/requests/detail.html
+++ b/templates/caterer/requests/detail.html
@@ -400,10 +400,19 @@ <h2 class="font-display font-bold text-2xl mb-4 text-text">Historique avec ce cl
         <h2 class="font-display font-bold text-xl text-text">Aperçu du devis</h2>
         <p class="text-sm mt-1 text-mute">Réf. {{ existing_quote.reference }}</p>
       </div>
-      <button type="button" data-action="close-pdf-preview"
-              class="w-9 h-9 rounded-lg flex items-center justify-center hover:bg-cream transition-colors flex-shrink-0">
-        <i data-lucide="x" class="w-5 h-5 text-text"></i>
-      </button>
+      <div class="flex items-center gap-2 flex-shrink-0">
+        {# Server-rendered PDF download — same _pdf_preview.html
+           partial as the modal so the file matches what's on screen. #}
+        <a href="{{ url_for('caterer.quote_pdf', qr_id=qr.id, q_id=existing_quote.id) }}"
+           class="inline-flex items-center gap-1.5 rounded-full text-xs font-bold px-3 py-2 btn-ghost-navy no-underline">
+          <i data-lucide="download" class="w-3.5 h-3.5"></i>
+          Télécharger
+        </a>
+        <button type="button" data-action="close-pdf-preview"
+                class="w-9 h-9 rounded-lg flex items-center justify-center hover:bg-cream transition-colors">
+          <i data-lucide="x" class="w-5 h-5 text-text"></i>
+        </button>
+      </div>
     </div>
 
     <div class="flex-1 overflow-y-auto p-6">
diff --git a/templates/client/requests/detail.html b/templates/client/requests/detail.html
index 17e6965..41a7f61 100644
--- a/templates/client/requests/detail.html
+++ b/templates/client/requests/detail.html
@@ -441,11 +441,22 @@ <h3 class="font-display font-bold text-xl mb-2 text-text">Aucun devis recu</h3>
               <h2 class="font-display font-bold text-xl text-text">Aperçu du devis</h2>
               <p class="text-sm mt-1 text-mute">Réf. {{ quote.reference }}</p>
             </div>
-            <button type="button" data-action="close-quote-pdf"
-                    data-target="quote-pdf-modal-{{ quote.id }}"
-                    class="w-9 h-9 rounded-lg flex items-center justify-center hover:bg-cream transition-colors flex-shrink-0">
-              <i data-lucide="x" class="w-5 h-5 text-text"></i>
-            </button>
+            <div class="flex items-center gap-2 flex-shrink-0">
+              {# Server-rendered PDF — identical content to this preview
+                 (same _pdf_preview.html partial). Goes through the
+                 client.quote_pdf route which company-scopes the
+                 access and reuses services.quote_pdf.render_quote_pdf. #}
+              <a href="{{ url_for('client.quote_pdf', request_id=qr.id, q_id=quote.id) }}"
+                 class="inline-flex items-center gap-1.5 rounded-full text-xs font-bold px-3 py-2 btn-ghost-navy no-underline">
+                <i data-lucide="download" class="w-3.5 h-3.5"></i>
+                Télécharger
+              </a>
+              <button type="button" data-action="close-quote-pdf"
+                      data-target="quote-pdf-modal-{{ quote.id }}"
+                      class="w-9 h-9 rounded-lg flex items-center justify-center hover:bg-cream transition-colors">
+                <i data-lucide="x" class="w-5 h-5 text-text"></i>
+              </button>
+            </div>
           </div>
           <div class="flex-1 overflow-y-auto p-6">
             <div class="bg-white rounded-lg border border-soft p-8">