We are aware of the issue with the badge emails resending to everyone, we apologise for the inconvenience - learn more here.
Forum Discussion
Embedder error on iPhone browsers
I am using the dropbox embedder on my website. It works as expected except on iPhone devices. I have tried it on two different iPhones using the Safari, Chrome, and Firefox apps and they all have the same result:
When the page loads, there is a message shown asking the user to allow cookies. Tapping the Allow Cookies button seems to reload the embedder, but the message is always shown. I have tried checking the settings of the browser apps, but there is no setting to turn cookies on or off. I also tried deleting cached files and cookies in the browser. This was at one point working on iPhones, but I was just told that it stopped about 1 month ago.
Below is the message that is logged in the console:
www.dropbox.com/log/telemetry:1 POST https://www.dropbox.com/log/telemetry 403 Unrecognized Content-Security-Policy directive 'worker-src'. add_events:1 POST https://www.dropbox.com/2/event_logging/add_events?t=nkgw44qiKE1BDJTFf2rFy53gUP6WMLFqsUeGPH8-oJM 401 add_events:1 POST https://www.dropbox.com/2/event_logging/add_events?t=nkgw44qiKE1BDJTFf2rFy53gUP6WMLFqsUeGPH8-oJM 401 www.dropbox.com/2/client_metrics/record:1 POST https://www.dropbox.com/2/client_metrics/record 401 www.dropbox.com/2/users/get_current_account:1 POST https://www.dropbox.com/2/users/get_current_account 401 www.dropbox.com/2/previews/get_preview_data_batch:1 POST https://www.dropbox.com/2/previews/get_preview_data_batch 401 www.dropbox.com/dropins/log_event:1 POST https://www.dropbox.com/dropins/log_event 403 www.dropbox.com/dropins/log_event:1 POST https://www.dropbox.com/dropins/log_event 403 www.dropbox.com/2/previews/get_preview_data_batch:1 POST https://www.dropbox.com/2/previews/get_preview_data_batch 401 www.dropbox.com/log/telemetry:1 POST https://www.dropbox.com/log/telemetry 403
- Greg-DB
Dropbox Staff
Thanks for the report. For reference, can you let me know:
- Do you have the "Prevent Cross-Site Tracking" setting in Settings.app > Safari enabled?
- Are you placing the Embedder inside an iframe?
- Prevent Cross-Site Tracking was enabled by default. I tried disabling it, clearing the data, and closing safari then trying it again. The result was the same.
- No, I am not using an iframe. Below is my relevant code:
<html>
<head runat="server">
<script type="text/javascript" src="https://www.dropbox.com/static/api/2/dropins.js" id="dropboxjs" data-app-key="myKey"></script> </head> <body> <form runat="server"> <div class="row-container"> <a id="theFrame" class="row" style="height: 100%"></a> </div> </form> </body> </html> <script type="text/javascript"> let urlParams = new URLSearchParams(window.location.search); if (urlParams.has('Link')) { let element = document.getElementById('theFrame'); Dropbox.embed({ link: link }, element); } </script>
- Greg-DB
Thanks for the additional information. I just tried reproducing this with that code, and it only reproduces for me with "Prevent Cross-Site Tracking" enabled (and works fine with it disabled).
Please try this sample I just put up with this code (though I had to add a missing "link" definition): https://zealous-beaver-5f8cdb.netlify.app/?Link=https://www.dropbox.com/s/u0bdwmkjmqld9l2/dbx-supporting-distributed-work.gif?dl=0
Let me know if you see the same behavior with that, where it fails both with and without "Prevent Cross-Site Tracking" enabled.
About Dropbox API Support & Feedback
Find help with the Dropbox API from other developers.
