This is only intended for use when necessary for compliance with App Store policies.
Note that some users use their Google account to sign in to Dropbox.
While this provides a human-readable error string, "error_summary" should not be used for programmatic error handling.
To disincentive this, we append a random number of "." characters at the end of the string. If present, it includes a message that can be shown directly to the end user of your app.
When browser-based Java Script code makes a cross-site HTTP request, the browser must sometimes send a "pre-flight" check to make sure the server allows cross-site requests.
You can avoid the extra round-trip by ensuring your request meets the CORS definition of a "simple cross-site request".
In order to comply with Google's policy against processing the OAuth flow inside a web-view, you should not display this web page inside a web-view. Where to redirect the user after authorization has completed.