• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

CF generated Javascript blocked by X-Content-Type-Options

Explorer ,
Feb 14, 2022 Feb 14, 2022

Copy link to clipboard

Copied

We have been providing a simple javascript link for for other websites to embed to display content from our site without using iframes.

 

Basically the HTML generated in the cfm file is saved in a <cfsavecontent> variable, and rendered into javascript using document.write('jsStringFormat(content));

 

Other sites then embed it using:

<script type="text/javascript" src="somesite/temp.cfm"></script>

 

This has worked well for many years, but due to increased security we added X-Content-Type-Options="nosniff" to our headers. This results in a MIME type (“text/html”) mismatch error, so the javascript is blocked. As far as I can tell this is because a .cfm page is delivering js content (?)

 

Any suggestions how we can work around this?

Views

189

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Explorer , Feb 14, 2022 Feb 14, 2022

Bah. Solved it. Posting a question often results in an immediate revelation :-).

In case others have a similar problem, I simply added
<cfcontent type="text/javascript">

to the .cfm file, which appears to have resolved it. Thanks for reading!

Votes

Translate

Translate
Explorer ,
Feb 14, 2022 Feb 14, 2022

Copy link to clipboard

Copied

Bah. Solved it. Posting a question often results in an immediate revelation :-).

In case others have a similar problem, I simply added
<cfcontent type="text/javascript">

to the .cfm file, which appears to have resolved it. Thanks for reading!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Feb 15, 2022 Feb 15, 2022

Copy link to clipboard

Copied

LATEST

Certainly handy. Thanks for sharing.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation