Actually, that rule will only allow a single subdomain, eg foo.dropbox.com. The question mark (after the brackets) should be an asterisk, to allow foo.bar.baz.dropbox.com.
Are you sure that you want to allow http (unencrypted) connections? I would drop the question mark after https.
You should also check whether Dropbox subdomains use other characters like hyphens, underscores, etc.
Are you sure that you want to allow http (unencrypted) connections? I would drop the question mark after https.
You should also check whether Dropbox subdomains use other characters like hyphens, underscores, etc.