Incorrect content type for served web-vault files
Closed this issue · 1 comments
I am currently trying to deploy the SSO version of Vaultwarden, specifically timshel/vaultwarden:1.30.5-9
with SSO_FRONTEND=override
env variable.
I'm not even sure where the problem is originating from, but some statically served files (such as /theme_head.<hash>.js
or /app/polyfills.<hash>.js
) have incorrect content-type
being returned (despite being JS files, they return with content-type: text/html; charset=utf-8
which conflicts with the X-Content-Type-Options: nosniff
returned from the server.
This results with those files being blocked by the browser. If I remove the X-Content-Type-Options
header (on the reverse proxy level), I'm getting 404 for those files, even though they physically are on the server.
My apologies, it was an error on my side - my Kubernetes Service
didn't have specific enough selector
and it matched both the SSO version and non-SSO version, which probably caused the files to be fetched from the version that didn't have them.