3 Replies Latest reply on Feb 6, 2018 8:50 AM by jasonglass

MIME type returned for Office Documents recognized at ZIP in Internet Explorer 8 and lower

windwardadmin Mar 19, 2014 4:13 AM

Hello,

We have several clients reporting that a file stream that is returned from our application for MS Office filetypes (DOCX, XLSX and PPTX) is interpreted in Internet Explorer 8 as a ZIP file instead of the appropriate MS Office MIME types. In Chrome, Safari, Firefox and IE 9.X and above the MIME type is interpreted correctly.

After some research I have found that MIME sniffing is used to interpret the first few bytes of the incoming filestream.

My question is how can I alter the JBoss server in accordance with the articles from Microsoft below to allow for this MIME type exception? The article states that a custom X-Content-Type-Options:nosiff HTTP header request needs to be added to the JBoss server.

We are using JBoss 4.2.3

How to add a custom HTTP Response Header to JBoss

https://community.jboss.org/message/621370

This post in the JBoss forums alludes to manipulating the WAR file of the application to create application specific rules for exceptions.

https://community.jboss.org/wiki/DisableCacheControl

This is the article for HTTPS connections with the same issue on the MS Website and how to add this header to an MS Server.

http://support.microsoft.com/?id=316431

From the information in the MS article and the information in the JBoss forum on how to translate adding a MS Custom HTTP Header to a JBoss application, I believe the same steps can be taken to add the header request I sent earlier “X-Content-Type-Options: nosniff” as well as adding the DisableCacheControl if our clients are using HTTPS connections to the app.

Common non-standard response headers[edit]

Field name	Description	Example
X-Content-Type-Options^[33]	The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions.^[34]	`X-Content-Type-Options: nosniff`

--The Windward Team

1. Re: MIME type returned for Office Documents recognized at ZIP in Internet Explorer 8 and lower

windwardadmin Mar 25, 2014 10:33 AM (in response to windwardadmin)

6 days and no activity. Any ideas?

--The Windward Team
Actions
2. Re: MIME type returned for Office Documents recognized at ZIP in Internet Explorer 8 and lower

windwardadmin Apr 8, 2014 5:59 AM (in response to windwardadmin)

Should we post this in another forum where it may get more traction? Approaching a month without a response and wondering how we can make this issue more visible.

--The Windward Team
Actions
3. Re: MIME type returned for Office Documents recognized at ZIP in Internet Explorer 8 and lower

jasonglass Feb 6, 2018 8:50 AM (in response to windwardadmin)

I know it's a bit late on this but since I just ran across it you have two options and either need to set theses headers in custom filter and put this jar in the web application's lib folder.Please note that this is for a specific web application. The other option is you can set these http headers globally using a custom valve jar.
Actions

Go to original post