I'm working on a Mac OS High Sierra 10.13.6. I downloaded a file (.docx) from my web dropbox. When I get the finder info on my file (cmd-i), tab "more info" displays a web address. I copypasted it in the browser tab, and I got the file dowloaded again. Then I sent it to a colleague, and she downloaded the file from my dropbox without problems too. The system does not ask her a permission.
Notice that, when I download an attachment from gmail, I can read the address too. But, if I copypaste this address in the browser big G does not allow me to download it.
In my opinion, this is a security problem. If someone get access to the downloaded file, one can copy this link, send it to someone else, publish it in the web etc.
EDIT: I add a screenshot:
Hi @fgalofaro538, thanks for posting on the Community!
Was this file located in a shared folder that the other user was a member of, or was there a shared link to the file available for anyone?
Can you try the same for a file located in the root folder, without any shared links on it?
Keep me posted!
Dear Jay, thank you for the reply. The dropbox folder where the file is located is not shared with anyone. After the download, I simply copypasted the link from the finder info of the file (see the picture above) and I sent it to my colleague via mail. I did it only to test if it would work and .. it works. The problem is that Mac OS keeps trace of the address of the download even if the latter is not displayed in the browser's address field.
I also compared the link displayed by the finder info to the link I can get from dropbox to share the file, and it turns out that they are different.
When you opened the URL in the browser, were you currently signed into your Dropbox account? If so, try logging out, or use and incognito/private browsing window, and let me know if you get the same behavior. Thanks!
when my colleague opened the file, she was not logged in with my account in dropbox. She has a dropbox account, but she uses the desktop app, so she was not logged in with her account to the browser. I tried with the incognito window, as you suggested, and I downloaded the file without problems.
I have more news. I have been able to reproduce the same behaviour with a different OS, this time the Chrome OS of my laptop. If I open the download windows of the browser, I can see the address from which I downloaded the file (see screenshot). Now, If I right-click on it, I can "copy link address" and paste it in the browser tab, and it will download the file. Please note that this will not work if I simply highlight the address and copy with ctrl-c, since this way the resulting address is different and I get a 404 not-found. Instead, with the right-click method, I can also paste the working address into a mail and send it to a different person who will be able to download the file without being logged in (I opened it with firefox-ubuntu).
I hope all this can be useful to you.
Thanks for the info, would it be okay if I reach out to your email associated with the forum profile in order to investigate this matter further?
The way we work is changing. Share and discover new ways to work smarter with Dropbox in our community.Sound good? Let's get started.
For more info on available support options, see this article.
If you found the answer to your question, please 'like' the post to say thanks to the user!