Need to see if your shared folder is taking up space on your dropbox 👨💻? Find out how to check here.
Forum Discussion
Embedder error on iPhone browsers
I am using the dropbox embedder on my website. It works as expected except on iPhone devices. I have tried it on two different iPhones using the Safari, Chrome, and Firefox apps and they all have the same result:
When the page loads, there is a message shown asking the user to allow cookies. Tapping the Allow Cookies button seems to reload the embedder, but the message is always shown. I have tried checking the settings of the browser apps, but there is no setting to turn cookies on or off. I also tried deleting cached files and cookies in the browser. This was at one point working on iPhones, but I was just told that it stopped about 1 month ago.
Below is the message that is logged in the console:
www.dropbox.com/log/telemetry:1 POST https://www.dropbox.com/log/telemetry 403 Unrecognized Content-Security-Policy directive 'worker-src'. add_events:1 POST https://www.dropbox.com/2/event_logging/add_events?t=nkgw44qiKE1BDJTFf2rFy53gUP6WMLFqsUeGPH8-oJM 401 add_events:1 POST https://www.dropbox.com/2/event_logging/add_events?t=nkgw44qiKE1BDJTFf2rFy53gUP6WMLFqsUeGPH8-oJM 401 www.dropbox.com/2/client_metrics/record:1 POST https://www.dropbox.com/2/client_metrics/record 401 www.dropbox.com/2/users/get_current_account:1 POST https://www.dropbox.com/2/users/get_current_account 401 www.dropbox.com/2/previews/get_preview_data_batch:1 POST https://www.dropbox.com/2/previews/get_preview_data_batch 401 www.dropbox.com/dropins/log_event:1 POST https://www.dropbox.com/dropins/log_event 403 www.dropbox.com/dropins/log_event:1 POST https://www.dropbox.com/dropins/log_event 403 www.dropbox.com/2/previews/get_preview_data_batch:1 POST https://www.dropbox.com/2/previews/get_preview_data_batch 401 www.dropbox.com/log/telemetry:1 POST https://www.dropbox.com/log/telemetry 403
19 Replies
- Greg-DB
Dropbox Community Moderator
thesongcompany I don't have an update on this yet. I'll follow up here once I do.
Thanks! It's annoying, as there's no obvious workaround.
- Greg-DB
We've updated the Embedder implementation to better handle these cases and improve the error reporting when needed. Unfortunately, due to some of the new cross-site behaviors in some modern browsers we can't always display the content directly (depending on the user's browsers settings and behaviors), but the Embedder should now work more reliably when dealing with these restrictions, including showing some error messaging and a link to the content when it can't be displayed directly. Please give it a try and let us know if you're still seeing anything not working as expected. Thanks!
Hi there,
We still have the same issue. On an iPhone we get this message, even though cookies are enabled.
- Greg-DB
thesongcompany Are you putting the Embedder inside an iframe in this case, and do you have "Prevent Cross-Site Tracking" enabled?
- No, we're using the js embed.
- Greg-DB
thesongcompany To clarify, I'm not referring to which method of using the Embedder (anchor or JavaScript) you're using, but rather if you're putting the Embedder inside an iframe on your page. (That could be done via either method.)
Also, please let me know if you have "Prevent Cross-Site Tracking" enabled. Thanks!
Hi Greg,
This is the only code I can find on the page which refers to cross-site tracking. We are using the GoodBarber platform to create a PWA and this page as we build it is (from our perspective) a pure (and very simple) HTML page with the DB embed, but clearly the platform injects all kinds of codes.
define(["require", "exports", "tslib", "react", "modules/clean/react/css", "dropbox/proto/js_init_data/dropins/embeds", "modules/clean/react/dropins_v3/embeds/error/callback_error", "modules/clean/react/dropins_v3/embeds/error/generic_error", "modules/clean/react/dropins_v3/embeds/error/password_error", "modules/clean/react/dropins_v3/embeds/error/login", "modules/core/i18n", "modules/clean/react/dropins_v3/embeds/tti", "modules/clean/react/dropins_v3/embeds/error/storage_access"], (function(e, r, t, s, a, o, n, c, d, i, l, u, m) {
"use strict";
Object.defineProperty(r, "__esModule", {
value: !0
}),
r.EmbedError = void 0,
s = t.__importDefault(s);
r.EmbedError = a.requireCssWithComponent((function(e) {
var r = s.default.useState(!1)
, t = r[0]
, a = r[1]
, f = s.default.useState(m.getStorageAccessState())
, g = f[0]
, b = f[1];
if (g === m.StorageAccessState.NoAccessCanRequest)
return s.default.createElement(n.CallbackErrorComponent, {
callback: m.attemptStorageAccessThenReload(b),
messageText: l.intl.formatMessage({
id: "dQ+g2n",
defaultMessage: "Cookies are required to view this Dropbox content."
}),
ctaText: l.intl.formatMessage({
id: "WqYWha",
defaultMessage: "Allow cookies"
})
});
if (g === m.StorageAccessState.NoAccess)
return s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "CwuFw8",
defaultMessage: "Cookies are required to view this Dropbox content. You may need to enable them in your browser."
})
});
if (g === m.StorageAccessState.AccessDenied)
return s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "BHiVSS",
defaultMessage: "Can’t show content because of your privacy settings around cross-site tracking."
}),
link: e.link
});
switch (e.error) {
case o.embeds.LinkError.NONE:
return s.default.createElement(s.default.Fragment, null, s.default.Children.only(e.children));
case o.embeds.LinkError.LOGIN:
return u.markTTIIfNeeded(t, a),
s.default.createElement(n.CallbackErrorComponent, {
callback: i.loginWithPopup,
messageText: l.intl.formatMessage({
id: "4zpQ9B",
defaultMessage: "Can’t show content because you’re not signed in to Dropbox."
}),
ctaText: l.intl.formatMessage({
id: "Hjykd1",
defaultMessage: "Sign In"
})
});
case o.embeds.LinkError.NO_ACCESS:
return u.markTTIIfNeeded(t, a),
s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "xOodvS",
defaultMessage: "Can’t show content because the owner hasn’t granted you access."
}),
link: e.link
});
case o.embeds.LinkError.EXPIRED:
return u.markTTIIfNeeded(t, a),
s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "ucqLru",
defaultMessage: "Can’t show content because the link has expired."
})
});
case o.embeds.LinkError.PASSWORD:
return u.markTTIIfNeeded(t, a),
s.default.createElement(d.PasswordError, {
link: e.link
});
case o.embeds.LinkError.TAKEDOWN:
return u.markTTIIfNeeded(t, a),
s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "VPeXVB",
defaultMessage: "Can’t show content because it has been taken down."
})
});
case o.embeds.LinkError.INVALID_LINK:
default:
return u.markTTIIfNeeded(t, a),
s.default.createElement(c.GenericErrorComponent, {
errorText: l.intl.formatMessage({
id: "5r7/Jv",
defaultMessage: "Can’t show content because something went wrong."
})
})
}
}
), ["/static/css/dropins_v3/embeds/index-vflvkFyFQ.css", "/static/css/dig-components/index.web-vflGJghcb.css", "/static/css/spectrum/index.web-vflmHVRF-.css"])
}
));
//# sourceMappingURL=embed_error.min.js-vfljKn5wQ.mapHope that sheds some light on how to fix it.
- Greg-DB
thesongcompany Apologies for the confusion. I was referring to the "Prevent Cross-Site Tracking" setting in Settings.app > Safari. Can you check that?
It may also be easier if you can share a URL of a page where the Embedder isn't working for you. Feel free to open an API ticket if you'd prefer to share privately. Thanks in advance!
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
