Disable Chrome strict MIME type checking

javascript jquery google-chrome angularjs

Is there any way to disable strict MIME type checking in Chrome.

Actually I'm making a JSONP request on cross domain. Its working fine on Firefox but, while using chrome its giving some error in console.

Refused to execute script from 'https://example.com' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.

Its working perfectly in Mozilla.. Issue is arising in chrome only

Here are the response Headers of the request..

Cache-Control:no-cache, no-store
Connection:Keep-Alive
Content-Length:29303
Content-Type:text/plain;charset=ISO-8859-1
Date: xxxx
Expires:-1
Keep-Alive:timeout=5
max-age:Thu, 01 Jan 1970 00:00:00 GMT
pragma:no-cache
Set-Cookie:xxxx
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN

Workaround what i think : Externally setting content-type to application/javascript


The server should respond with the correct MIME Type for JSONP application/javascript and your request should tell jQuery you are loading JSONP dataType: 'jsonp'

Please see this answer for further details ! You can also have a look a this one as it explains why loading .js file with text/plain won't work.


In my case, I turned off X-Content-Type-Options on nginx then works fine. But make sure this declines your security level a little. Would be a temporally fix.

# Not work
add_header X-Content-Type-Options nosniff;
# OK (comment out)
#add_header X-Content-Type-Options nosniff;

It'll be the same for apache. 

<IfModule mod_headers.c>
  #Header set X-Content-Type-Options nosniff
</IfModule>

also had same problem once,

if you are unable to solve the problem you can run the following command on command line
chrome.exe --user-data-dir="C://Chrome dev session" --disable-web-security

Note: you have to navigate to the installation path of your chrome.
For example:cd C:\Program Files\Google\Chrome\Application

A developer session chrome browser will be opened, you can now launch your app on the new chrome browse.
I hope this should be helpful

Related

How to list Kubernetes recently deleted pods?
How to stop user agent stylesheets from overriding my css
Advantages of using react-bootstrap over bootstrap
WeakReference/AsyncTask pattern in android
How to annotate Express middlewares with JSDoc?
Benefits of "Use Strict" in JS [duplicate]
Package vs Library
Display DIV at Cursor Position in Textarea [duplicate]
understanding nested generic classes in C# with quiz
Modify existing table style
sum of vlookup using array formula
Forgot the plug part of my laptop charger but have the bulk part that connects to laptop, Can i use the plug part only?