You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Inspect the HTTP response headers for those .js files
[REQUIRED] Expected behavior
The .js files return a Content-Type: application/javascript response header
[REQUIRED] Actual behavior
The .js files do not return any Content-Type header.
This is an issue when using the X-Content-Type-Options: nosniff header, since the browser will refuse to infer a Content Type, thereby not executing the firebase scripts.
I think I have a similar error, but not for a firebase script. I am trying to adapt this guide to serving a static site with a Firebase app, so that I can keep it behind Google auth. That page is from a few years ago so I had to update a few things (I'm also not sure it was totally working as published).
So I'm trying to create a static site with mkdocs, stick the static site in a bucket, and then serve it behind a Firebase function that checks for proper auth. The site includes some javascript for search and things, and I see this error in the console (which I believe is also preventing me from deploying)
Refused to execute script from 'http://localhost:5000/search/lunr.js' because its MIME type ('') is not executable.
There are probably work-arounds to this for my particular situation (e.g. it just occurred to me that I can keep most of these files public, I only need to keep content protected). But might be a similar bug?
[REQUIRED] Environment info
firebase-tools:
9.2.0
Platform:
macOS
[REQUIRED] Test case
firebase emulators:start --only hosting --project your-project-id
from within the directoryhttp://localhost:5000/
firebase-issue-3041.zip
[REQUIRED] Steps to reproduce
.js
files[REQUIRED] Expected behavior
The
.js
files return aContent-Type: application/javascript
response header[REQUIRED] Actual behavior
The
.js
files do not return anyContent-Type
header.This is an issue when using the
X-Content-Type-Options: nosniff
header, since the browser will refuse to infer a Content Type, thereby not executing the firebase scripts.This does not seem to happen in production and only affects the emulator's response of these firebase scripts (
/__/firebase/$version/$library.js
)The text was updated successfully, but these errors were encountered: