@utrautmann opened this Issue on October 19th 2022

Usage: Matomo Version 4.12.1 and new opt-out script without iframe (#17452).

Most websites have set the HTTP-Header x-content-type-options : nosniff.

In the case of this setting the new opt-out script is not working:
The browser console is logging "ressource is blocked because of MIME-Typ-conflict ("text/html")".

The behaviour occurs when I am use the Matomo tracker code snippet to set the opt-out.
The second snippet (self contained code) is working.

I don't know now if it's a bug or more of a documentation issue.

@bx80 commented on October 27th 2022 Contributor

Thanks for reporting this @utrautmann,

I've unsuccessfully tried to recreate this issue by enabling the HTTP-Header x-content-type-options : nosniff header locally and testing the tracker opt-out in Firefox and Chrome, but I didn't encounter any errors. From the console message you are seeing it sounds like the opt-out script is being sent with the content type "text/html" but in my tests it is "application/javascript; charset=utf-8".

If you can still create the issue, could you please check the content type request header of the index.php?module=CoreAdminHome&action=optOutJS..... network request to see if it is 'text/html' or 'application/javascript; charset=utf-8'?

@utrautmann commented on November 2nd 2022

Hello @bx80 ,
the content type header is 'text/html'.

@Findus23 commented on November 2nd 2022 Member


https://demo.matomo.org/index.php?module=CoreAdminHome&action=optOutJS returns content-type: application/javascript; charset=utf-8, so can you maybe check the content of that response?
Maybe it is showing a HTML error page instead of the Javascript it should return.

@utrautmann commented on November 2nd 2022

unfortunately my response was wrong because of usage of an incorrect url. The content-type is "application/javascript; charset=utf-8" too.
I will investigate it further to recognize some differences.

@utrautmann commented on November 2nd 2022

I looked into the topic again and came to the conclusion that there is no Matomo error here. There was a misconfiguration in proxy forward requests on the Matomo web server that was delivering an error page instead of the Matomo opt-out html.

Thank you for your patience.

This Issue was closed on November 2nd 2022
Powered by GitHub Issue Mirror