You could use admin-ajax.php to create a simple file proxy:
add_action('wp_ajax_proxy_for_object1', 'proxy_for_object1');
add_action('wp_ajax_no_priv_proxy_for_object1', 'proxy_for_object1');
function proxy_for_object1() {
$mimetype=""; // set to matching file MIME type
header("Content-type: ".$mimetype.";");
echo file_get_contents('/wp-content/uploads/xx/thenameofmyfile.ext');
exit;
}
Then set the object resource URL to admin-ajax.php?action=proxy_for_object1
It will of course be fully accessible through the provided URL anyway, so this is really just “obscuring” it, not fully “hiding” it.
So what’s the point? Well, will hide the file’s source directory, say if you have other resources there you don’t want to be found so easily. Otherwise, I can’t see much point to it.