Easiest way to get (dropbox) file datetime using a dropbox link

janhec · ‎12-23-2020

Hi All,

I share a project I'm working on through some executables on dropbox, which users get a link to, so they can download.

I prefer, obviously, that they have an account, so they will have automatic synchronization to these frequently changed files.

However, some do not want to install dropbox and now I'm writing a mini-application (C++ using curl) to download, if necessary, the file(s) before starting the application.

Download is no problem with a the help of some specific curl parameters and the tag dl=1 and I can get some file information (notably the size) through the same proces using the curl parameter NOBODY. I would like to get the datetime, so I can decide automatically whether a full download is necessary. However, the file datetime stamp seems not to be present (the date shown below is date time of request),

(with minor redactions):
HTTP/1.1 200 OK
Server: envoy
Date: Tue, 22 Dec 2020 15:19:52 GMT
Content-Type: application/binary
Content-Length: 3943424
Cache-Control: max-age=60
Pragma: public
X-Dropbox-Request-Id: 81328b5452374573a93f7ddfb328d93b
X-Robots-Tag: noindex, nofollow, noimageindex
Referrer-Policy: no-referrer
Etag: 1609568595538751d
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Disposition: attachment; filename="myfile.exe"; filename*=UTF-8''myfile.exe
Content-Security-Policy: sandbox
X-Webkit-Csp: sandbox
X-Content-Security-Policy: sandbox
Vary: Origin
X-Server-Response-Time: 394
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Robots-Tag: noindex, nofollow, noimageindex

I then started trying the metadata interface e.g. (from cmd):

curl -X POST https://api.dropboxapi.com/2/files/get_metadata --data "{\"path\": \"id:4uo2ukwz6z9xvb3\",\"include_media_info\": false,\"include_deleted\": false,\"include_has_explicit_shared_members\": false}", but obviously get:
Error in call to API function "files/get_metadata": Must provide HTTP header "Authorization" or URL parameter "authorization".

Before delving deeper into this auth I would like to ask the question: Is there a simple(r) way to obtain file date time using the dropbox link for downloading or another method avoiding additional overhead? Clearly the people downloading are not getting any personal authorization info, so the only recourse is the link, which, as everyone knows, looks like https://www.dropbox.com/s/i1x59cj1zrs8cva/filename.ext?dl=0.

Thanks in advance,

Jan

Greg-DB · ‎12-23-2020

Using the /2/sharing/get_shared_link_metadata endpoint is the right way to get metadata from a shared link, but that does require an access token, as you found.

There isn't another way to get the modified time of the file from the shared link directly, but you could instead use that "etag" value returned with that 200 response when accessing the shared link. You can store the etag for the version of the file you last downloaded, and before downloading it again, check the current etag value. If the etag value hasn't changed, that means that the content hasn't changed.

View solution in original post

ugur_kayaardi · ‎12-23-2020

forget it bro, close and open again try. .)

Greg-DB · ‎12-23-2020

Using the /2/sharing/get_shared_link_metadata endpoint is the right way to get metadata from a shared link, but that does require an access token, as you found.

There isn't another way to get the modified time of the file from the shared link directly, but you could instead use that "etag" value returned with that 200 response when accessing the shared link. You can store the etag for the version of the file you last downloaded, and before downloading it again, check the current etag value. If the etag value hasn't changed, that means that the content hasn't changed.

janhec · ‎12-23-2020

@Greg-DB ,

Thank you.

That is quite helpful and probably sufficient. I'll tag it as a solution.

But it still surprises me that the last modified date is not given, and also not shown in de preview/download page you get when clicking the ....?dl=0 link. I really think that it would be helpful for people to avoid downloading a file which is identical to a previously downloaded file. I would really hope that dropbox does not deem this sort of functionalitty to be reserved to account-holders only.

Thanks again,

Jan

janhec · ‎05-17-2023

Re: The identical code now yields no useful information (with regard to fileversion).
Etag has disappeared, X-Dropbox-Request-Id changes per request.

So I'll ask, instead of ranting about lack of backward compatibility, what is the way to

check a shared linked file for new version without downloading it (and even then...).

Here's what I get now, since a few days and after unreliable/varying responses:

--------------------------

HTTP/1.1 200 OK
Content-Security-Policy: font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; base-uri 'self' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; media-src https://* blob: ; connect-src https://* ws://127.0.0.1:*/ws ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; img-src https://* data: blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; worker-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-ancestors 'self' ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: gvc=NDA2MzQyMTE4OTgyOTM1NjUzMDg0NTY5MTk5MzEzNDEwMzgyNjQ=; Path=/; Expires=Mon, 15 May 2028 19:09:07 GMT; HttpOnly; Secure; SameSite=None
Set-Cookie: t=GwpLm07-vGJT-M6RXpRnzwJ8; Path=/; Domain=dropbox.com; Expires=Sat, 16 May 2026 19:09:07 GMT; HttpOnly; Secure; SameSite=None
Set-Cookie: __Host-js_csrf=GwpLm07-vGJT-M6RXpRnzwJ8; Path=/; Expires=Sat, 16 May 2026 19:09:07 GMT; Secure; SameSite=None
Set-Cookie: __Host-ss=mY4WgzA-Fo; Path=/; Expires=Sat, 16 May 2026 19:09:07 GMT; HttpOnly; Secure; SameSite=Strict
Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Mon, 15 May 2028 19:09:07 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow, noimageindex
X-Xss-Protection: 1; mode=block
Date: Wed, 17 May 2023 19:09:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: envoy
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: d5e15471969948c685be3ae620c37c34
Transfer-Encoding: chunked

------------------------------

Anyone?

Greg-DB · ‎05-17-2023

Using /2/sharing/get_shared_link_metadata is still the right way to get metadata from a shared link, and that now supports both User Authentication (using an access token, as before) as well as App Authentication (using an app key and secret instead of an access token). If that works better for your use case now, I suggest looking into that. You can get an app key and secret by registering an app here; be sure to use "Full Dropbox" access for this scenario (even though you won't need to actually connect it to an account and get an access token to call /2/sharing/get_shared_link_metadata with app authentication).

When calling /2/sharing/get_shared_link_metadata for a file, you can check the returned "rev" value, which is a revision identifier, in addition to "server_modified". Check out the documentation there for the full field information.

As for the etag value when accessing the shared link directly, that is still working and being returned with the etag for me when I try accessing a file directly using curl with a valid shared link to a file with "dl=1". I see in your output that you're getting back an HTML page. I recommend checking if the shared link you're using is still valid. You can manually try it in a web browser to see what that HTML page is; it may contain an error message regarding the shared link.

Also, the 'X-Dropbox-Request-Id' value is expected to change on every request, as that is an identifier for each request made to Dropbox, not the file being accessed itself.

janhec · ‎05-17-2023

Ok, thanks for a helpful and very fast response, I'll get to work with this info🙂

janhec · ‎05-17-2023

I had not realized that ?dl=1 is needed and removed it. Now it works fine again.

Thanks,

Jan

Easiest way to get (dropbox) file datetime using a dropbox link

Easiest way to get (dropbox) file datetime using a dropbox link

Top contributors to this post