You might see that the Dropbox Community team have been busy working on some major updates to the Community itself! So, here is some info on what’s changed, what’s staying the same and what you can expect from the Dropbox Community overall.
Forum Discussion
AlemoDaniel
7 years agoHelpful | Level 6
CORS Problem with Namespace and Dropbox-API-Path-Root header
Trying to list team root folders using this request from the namespace guide:
curl -X POST https://api.dropboxapi.com/2/files/list_folder \
--header "Authorization: Bearer <token>" \
--header "Cont...
- 7 years ago
So i found that this works:
curl -X POST https://api.dropboxapi.com/2/files/list_folder?path_root={".tag": "root", "root":"<namespace_id>"} \ --header "Authorization: Bearer <token>" \ --header "Content-Type: application/json" \ --data '{"path":""}'
I didn't find this specific implementation documented anywhere, but rather derived from section Browser-based JavaScript and CORS pre-flight requests from the documentation:
Use URL parameters
arg
andauthorization
instead of HTTP headersDropbox-API-Arg
andAuthorization
.I think it would still be cool, if Dropbox-API-Path-Root would be added to allowed headers. Currently this is the response i get:
Access-Control-Allow-Headers: Origin, Accept-Language, Content-Language, Cache-Control,
Dropbox-API-Select-User, Accept, Range, Referer, Dropbox-API-Arg, If-Modified-Since,
If-None-Match, Content-Type, Dropbox-API-User-Locale, AuthorizationAs you see, Dropbox-API-Arg is already supported, so there is no need to work around the preflight request
- 7 years agoThese headers have been added, so this should work now. Hope this helps!
AlemoDaniel
7 years agoHelpful | Level 6
So i found that this works:
curl -X POST https://api.dropboxapi.com/2/files/list_folder?path_root={".tag": "root", "root":"<namespace_id>"} \ --header "Authorization: Bearer <token>" \ --header "Content-Type: application/json" \ --data '{"path":""}'
I didn't find this specific implementation documented anywhere, but rather derived from section Browser-based JavaScript and CORS pre-flight requests from the documentation:
Use URL parameters arg
and authorization
instead of HTTP headers Dropbox-API-Arg
and Authorization
.
I think it would still be cool, if Dropbox-API-Path-Root would be added to allowed headers. Currently this is the response i get:
Access-Control-Allow-Headers: Origin, Accept-Language, Content-Language, Cache-Control,
Dropbox-API-Select-User, Accept, Range, Referer, Dropbox-API-Arg, If-Modified-Since,
If-None-Match, Content-Type, Dropbox-API-User-Locale, Authorization
As you see, Dropbox-API-Arg is already supported, so there is no need to work around the preflight request
- Greg-DB7 years agoDropbox StaffThanks for the report! I'll ask the team to update our CORS implementation to allow this.
- AlemoDaniel7 years agoHelpful | Level 6Thanks, that would be awesome. Also would be cool to have the url hacking documented a bit more detailed somewhere :)
- Greg-DB7 years agoDropbox StaffNo problem, I'll ask the team to expand the documentation on this as well.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
5,877 PostsLatest Activity: 12 months agoIf you need more help you can view your support options (expected response time for an email or ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!