IBM Security Verify

 View Only
  • 1.  ISAM reverse proxy incorrect mime-type

    Posted Sun June 28, 2020 05:03 PM
    Hi everybody!

    I feel a bit stumped :-(

    I have edited the ISAM reverse proxy (rp1) "junction root" and added both a css and a js subdirectory.
    In both of these I have added a common.css and common.js respectively intended to be used by applications secured by transparent junctions.
    Logging in to ISAM, and fetching http://rp1//css/common.css and/or https://rp1//js/common.js I get both back with correct mimetypes in my browser.

    BUT when i get a web page from a protected resource (i.e. https:/rp1/jct/whateverpage.jsp) that refers to /css/common.css or /js/common.js both are rejected by the browser for the same reason: trying to use a css/js  script that has the "wrong/incorrect" mimtype --> "text/html".

    In the web browser trace I can see that the request for both the css and js files are being asked from the reverse proxy (i.e https://rp/css/common.css and https://js/common.js) which independently work OK.

    Where (and possibly why) are the mimetypes for the css and js changed to "text/html"??

    Rgds
    Anders

    ------------------------------
    Anders Domeij
    CGI Sweden AB
    ------------------------------


  • 2.  RE: ISAM reverse proxy incorrect mime-type

    Posted Sun June 28, 2020 06:21 PM

    Hi Anders,

    I'm wondering if the text/html you're getting back is a login or error page from the Reverse Proxy. If so, would be interesting to know what it says. Can you see the returned content in browser trace?

    It would also be interesting to see the Reverse Proxy request log to know what resource it thinks is being requested.

    Jon.



    ------------------------------
    Jon Harry
    Consulting IT Security Specialist
    IBM
    ------------------------------