<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Access token js , security ? in Dropbox API Support &amp; Feedback</title>
    <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Access-token-js-security/m-p/185233#M7811</link>
    <description>&lt;P&gt;HI sorry for english :&lt;/P&gt;
&lt;P&gt;i use this script to upload file directly &amp;nbsp;on my dropbox app with javascript:&lt;/P&gt;
&lt;PRE&gt;&amp;lt;form onSubmit="return uploadFile()"&amp;gt;&lt;BR /&gt; &amp;lt;input type="hidden" id="access-token" value="&amp;lt;?=$token ?&amp;gt;" /&amp;gt;&lt;BR /&gt; &amp;lt;label&amp;gt;Seleziona il file da caricare&amp;lt;/label&amp;gt;&lt;BR /&gt; &amp;lt;br&amp;gt;&lt;BR /&gt; &amp;lt;input type="file" id="file-upload" /&amp;gt;&lt;BR /&gt; &amp;lt;br&amp;gt;&lt;BR /&gt;&lt;BR /&gt; &amp;lt;button type="submit"&amp;gt;Esegui l'upload&amp;lt;/button&amp;gt;&lt;BR /&gt; &amp;lt;/form&amp;gt;&lt;/PRE&gt;
&lt;P&gt;in this way the access token is show in souce code .&lt;BR /&gt;&lt;BR /&gt;if a developer use this access token can create an app and manage the file of my folder ,&lt;BR /&gt;it's true ?&lt;BR /&gt;if it's true how can i secure it ?&lt;/P&gt;</description>
    <pubDate>Wed, 29 May 2019 09:30:35 GMT</pubDate>
    <dc:creator>Stefano B.3</dc:creator>
    <dc:date>2019-05-29T09:30:35Z</dc:date>
    <item>
      <title>Access token js , security ?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Access-token-js-security/m-p/185233#M7811</link>
      <description>&lt;P&gt;HI sorry for english :&lt;/P&gt;
&lt;P&gt;i use this script to upload file directly &amp;nbsp;on my dropbox app with javascript:&lt;/P&gt;
&lt;PRE&gt;&amp;lt;form onSubmit="return uploadFile()"&amp;gt;&lt;BR /&gt; &amp;lt;input type="hidden" id="access-token" value="&amp;lt;?=$token ?&amp;gt;" /&amp;gt;&lt;BR /&gt; &amp;lt;label&amp;gt;Seleziona il file da caricare&amp;lt;/label&amp;gt;&lt;BR /&gt; &amp;lt;br&amp;gt;&lt;BR /&gt; &amp;lt;input type="file" id="file-upload" /&amp;gt;&lt;BR /&gt; &amp;lt;br&amp;gt;&lt;BR /&gt;&lt;BR /&gt; &amp;lt;button type="submit"&amp;gt;Esegui l'upload&amp;lt;/button&amp;gt;&lt;BR /&gt; &amp;lt;/form&amp;gt;&lt;/PRE&gt;
&lt;P&gt;in this way the access token is show in souce code .&lt;BR /&gt;&lt;BR /&gt;if a developer use this access token can create an app and manage the file of my folder ,&lt;BR /&gt;it's true ?&lt;BR /&gt;if it's true how can i secure it ?&lt;/P&gt;</description>
      <pubDate>Wed, 29 May 2019 09:30:35 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Access-token-js-security/m-p/185233#M7811</guid>
      <dc:creator>Stefano B.3</dc:creator>
      <dc:date>2019-05-29T09:30:35Z</dc:date>
    </item>
    <item>
      <title>Re: Access token js , security ?</title>
      <link>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Access-token-js-security/m-p/185234#M7812</link>
      <description>&lt;P&gt;If you're trying to build an app for clients to upload files to one Dropbox account (say your personal account), then there is no client-side solution that will allow clients&amp;nbsp;to securely upload directly to your Dropbox. Your access token will always be exposed client-side.&lt;/P&gt;
&lt;P&gt;If you want to use your personal Dropbox account as a place for users to upload content, then you will need to implement a server-side solution. For example, you can have clients upload content to your server and then from your server, you can upload the content directly to your personal Dropbox account. In this case, you would not want to use the JavaScript SDK, instead perhaps the Java SDK (&lt;A href="https://www.dropbox.com/developers/documentation/java" rel="nofollow noreferrer"&gt;https://www.dropbox.com/developers/documentation/java&lt;/A&gt;).&lt;/P&gt;
&lt;P&gt;Does this answer your question?&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 25 Aug 2016 08:33:37 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Dropbox-API-Support-Feedback/Access-token-js-security/m-p/185234#M7812</guid>
      <dc:creator>Stephen C.14</dc:creator>
      <dc:date>2016-08-25T08:33:37Z</dc:date>
    </item>
  </channel>
</rss>

