cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

CF generated Javascript blocked by X-Content-Type-Options

p3142
Explorer ,
Feb 14, 2022 Feb 14, 2022

We have been providing a simple javascript link for for other websites to embed to display content from our site without using iframes.

 

Basically the HTML generated in the cfm file is saved in a <cfsavecontent> variable, and rendered into javascript using document.write('jsStringFormat(content));

 

Other sites then embed it using:

<script type="text/javascript" src="somesite/temp.cfm"></script>

 

This has worked well for many years, but due to increased security we added X-Content-Type-Options="nosniff" to our headers. This results in a MIME type (“text/html”) mismatch error, so the javascript is blocked. As far as I can tell this is because a .cfm page is delivering js content (?)

 

Any suggestions how we can work around this?

391
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

p3142
Explorer , Feb 14, 2022 Feb 14, 2022

Bah. Solved it. Posting a question often results in an immediate revelation :-).

In case others have a similar problem, I simply added
<cfcontent type="text/javascript">

to the .cfm file, which appears to have resolved it. Thanks for reading!

Translate
replies 2 Replies 2
latest latest Jump to latest reply
p3142
Explorer ,
Feb 14, 2022 Feb 14, 2022

Bah. Solved it. Posting a question often results in an immediate revelation :-).

In case others have a similar problem, I simply added
<cfcontent type="text/javascript">

to the .cfm file, which appears to have resolved it. Thanks for reading!

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
BKBK Community Expert
Community Expert ,
Feb 15, 2022 Feb 15, 2022
LATEST
In Response To p3142

Certainly handy. Thanks for sharing.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices