I am very surprised that I linked on a Dropbox URL stored in my web browser's history and, without being logged in, I could see the content of the file.
I have created a new file to test it and, just with the URL that is accessed by the web browser, anyone can see this file which theoretically has never been shared with anyone: https://www.dropbox.com/scl/fi/eprarh4pibp39mrrgsqw6/Document.docx?dl=0&new=1&rlkey=ghlowj8k67bf5vljtr6jkv42b
I know that you will say that the URL is "secret", but URLs can be seen:
- By other users even if I have logged out from Dropbox.
- The ISP.
- Anyone who guesses a URL (probably this is impossible in practice).
Do you know if this is normal? Isn't it a big security concern?