Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
For a few years now, I've been able to use HEAD requests from my web page to verify that a Dropbox link that a user provides points to a "Content-Type: video/mp4" file
All of a sudden I get the following headers (some omitted for brevity):
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
Cache-Control: max-age=60
Content-Disposition: inline; filename="Survive2018.mp4"; filename*=UTF-8''Survive2018.mp4
Content-Security-Policy: report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups
Content-Security-Policy: form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Etag: 124921d
Pragma: public
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Dropbox-Content-Length: 3939168897
X-Robots-Tag: noindex, nofollow, noimageindex
X-Server-Response-Time: 56
Content-Type: application/json
Accept-Encoding: identity,gzip
Date: Thu, 10 Feb 2022 21:05:14 GMT
Server: envoy
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow, noimageindex
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 2acb520e314c461d966a55c73bb7b017
Transfer-Encoding: chunked
The content type is now set to "application/json". Is this by design or is it a bug? Does it have to do with "X-Content-Type-Options: nosniff"?
Thx!
Hi @bolddp,
Hah.. Seems really the HEAD requests response brings up bugs. 🤷 Let's hope this trouble will be fixed soon.
By the way you can temporary workaround with a dummy GET request with a single byte range. 😉 Just make sure within the GET request is a header like:
Range: bytes=0-0
Hope this helps to some extent.
Thanks for the report! We'll look into it.
@Здравко That was a new trick to me, and it seems to work just fine. Thx a lot for the help!
Hello @Greg-DB,
Do you have any update on this issue?
Is there a plan to fix it on your side and by when?
Thanks.
@frebours This is still open with engineering, but I don't have an update or timeline to share. I'll follow up here once I have any news.
Same issues while I'm getting content-length of the file from the direct download link but it's not working, When I try with the Google Drive direct download link it gives all headers data I think because they accept "access-control-allow-methods" to "GET, HEAD, OPTIONS". Maybe the "Head" method is not allowed in Dropbox for file HTTP requests.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!