cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Learn all about how Alex on the Community team used Dropbox in college here!

Discuss Dropbox Developer & API

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

409 error with (JS SDK).sharingGetSharedLinkFile(), works with curl or browser

409 error with (JS SDK).sharingGetSharedLinkFile(), works with curl or browser

blobwriter
Explorer | Level 4

I think there's another thread from a couple of years ago about this on the forum, but the forum search didn't bring it up, so here we are..

 

As described in the title - I have a shared link to a file, which works when I just follow $shared_link_file_url in the browser (whether logged in or with incognito mode), or if I use:

 

 

curl -L ${shared_link_file_url}

 

 

In both cases, the contents of the text file are returned.

 

If instead, I use the JS SDK in the browser to call dropbox_instance.sharingGetSharedLinkFile({ url: $shared_link_file_url }), I get a 409 "shared_link_access_denied" error, even if logged in. 

 

So....bug? Timeline on a fix?

 

 

3 Replies 3

Re: 409 error with (JS SDK).sharingGetSharedLinkFile(), works with curl or browser

Greg-DB
Dropboxer

Can you confirm you're using an API app registered with the "app folder" access type? There is a bug that results in this error when using this method with an access token for an app folder app. That's still open with engineering, but I don't have a timeline on a fix.

Re: 409 error with (JS SDK).sharingGetSharedLinkFile(), works with curl or browser

blobwriter
Explorer | Level 4

Yep, that's exactly correct, thanks for the fill-in.

 

So with global Dropbox  access scope it doesn't happen? That's a much higher trust barrier to get over for users, unfortunately.

 

And just to check: I don't think there's an auth flow for users to make that decision (regarding access scope) for themselves, right? Can an app request global scope, be rebuffed and given only AppFolder scope, and then have to figure out for itself what it should do (e.g. regarding paths)? That way if a user only allowed AppFolder scope, I could just notify them that sharing won't work for the time being.

But as it stands currently, [global scope] vs [app folder scope] is solely set from the DevConsole, is that correct?

 

Anyway, regarding the root issue of broken shared links in AppFolders, as a temporary workaround it would be pretty sweet if someone at Dropbox could turn on the Access-Control-Allow-Origin header for publicly shared links, so a regular JS fetch() call could suffice. Or maybe set up a temporary CORS proxy, so I don't have to pay to run one myself? Pwetty pweeze? 😛

 

 

Re: 409 error with (JS SDK).sharingGetSharedLinkFile(), works with curl or browser

Greg-DB
Dropboxer

Yes, this bug only affects apps with the "app folder" type, not the "full Dropbox" type.

 

And that's correct, the "app folder" versus "full Dropbox" type is selected when first registering the API app. There isn't a way to dynamically set or fall back on that, e.g., during the authorization flow. You could register one of each however and switch between them as needed though.

 

Anyway, I can't make any promises on a workaround, but I'll pass it along.

Poll
Do you work or study in the creative industry? If so, which area?
If you use Adobe, don't forget to check out our latest integrations update here.
Who's talking

Top contributors to this post

  • User avatar
    Greg-DB Dropboxer
  • User avatar
    blobwriter Explorer | Level 4
What do Dropbox user levels mean?
Need more support?