I'm a beginner but am now using the Chooser API successfully from a Web app. But I'm concerned about the security of the link obtained. Your description of the returned link is too short and doesn't say anything about security. It says 2 types of links are returned, first is shared and the second is a download, valid for 4 hours. Does it mean, these links then become open to all who get their address? As a user of the web app I would assume that when I opens a file to process in my web app, it's available only to the Web App and to no one else except to myself via regular dropbox access from other sources. Please clarify the security risk of the file chosen so that I can make a decision whether it's safe to use for the users of my web app.
Solved! Go to Solution.
Thanks for replying promptly.
A few related questions:
1) I thought specifying the Chooser/Saver domain for the App Settings will only make the file available to that domain. Is that true at least for the second type of "download" URL that expires in 4 hours? Or is that also available from anywhere for download?
2) BUG: Also when I click on the Links (www.dropbox.com/share/links) to see what links are now exposed, it's just stuck on wait cursor for a long time, over 15 minutes now. Seems like a bug.
I think when Web Apps use this feature, they are exposing a security risk for the end user where the user is unaware that private files may be exposed via links. At least the chooser dialog should give a prominent warning.