Getting following error message when using https to access spreadsheet. Please advise.
The resource from “site.comspreadsheet/codebase/spreadsheet.php?sheet=15” was blocked due to MIME type mismatch (X-Content-Type-Options: nosniff).
i.gettheclicks.com/spreadsheet.php?pid=15user
The headers of your page instruct browser to use a more high level of security ( browser is more strict during script execution ) which blocks the logic of spreadsheet.
Is there a work around. The issue happened after we installed ssl. Does the spreadsheet work with ssl?
Spreadsheet works with SSL, the error in your case is not caused by SSL, it is result of “X-Content-Type-Options: nosniff” header that your server adds to the app’s page.
please let me know how to resolve it in server side. To the server tech should we give any specific instructions?
I’m not sure, which server side configuration you are using, but somewhere in config of web-server you have define extra header
X-Content-Type-Options: nosniff
Just disable this header for the spreadsheet files. ( This is need to be done in server’s config, not in PHP or js code )
Hi, I have the same issue, however, I am reluctant to disable “X-Content-Type-Options: nosniff” due to security reasons.
Which MIME type does DHTMLX Spreadsheet require and can it be added somewhere?
Changing Spreadsheet’s sample “01_simple_init.html” to:
<script type="application/javascript" src="../codebase/spreadsheet.php"></script>
has no effect and the script remains blocked.
Thanks!