Zenoss ZenTech Community

Notice this morning that the graphs on remote collectors are no longer able to be navigated since the latest chrome update (42.0.2311.90).

"refused to execute script from "remote collector url" becuase MIME type ('image/png') is not executable".

we have all our collectors accessed via a nginx proxy so we don't have to open 8091 from all locations.

I notied i can replicate the issues with non chrome browsers by enforcing the header
add_header X-Content-Type-Options nosniff;
so looks like chrome is by default enforcing a new MIME security policy

Subject:	IMHO renderer must provide
Author:	Jan Garaj
Posted:	2015-04-20 14:40

IMHO renderer must provide correct header. Quick, dirty, not tested hack:
sed -i -e "s# request.setHeader('Content-type', mimetype)# if mimetype == 'image/png':\n mimetype = 'application/javascript'\n request.setHeader('Content-type', mimetype)#g" /opt/zenoss/Products/ZenRRD/zenrender.py

Devops Monitoring Expert advice: Dockerize/automate/monitor all the things.

DevOps stack: Docker / Kubernetes / Mesos / Zabbix / Zenoss / Grafana / Puppet / Ansible / Vagrant / Terraform / Elasticsearch

Subject:	Better formatting: https:/
Author:	Jan Garaj
Posted:	2015-04-22 16:19

Better formatting: https://gist.github.com/jangaraj/64b88b6eed7f8d0221e6

OK, one satisfied tester :-) Who is next
I would like to know what is broken after this hack.

https://jira.zenoss.com/browse/ZEN-17548

Subject:	hi jan.garaj, something broke
Author:	[Not Specified]
Posted:	2015-06-12 10:02

hi jan.garaj, something broke for me i wonder if you can help me, i used to add a code to the URL of the graphs to view a specific time laps, its broken now.
this is what i added to the end of the URL which returned an image of the graph: "&start=1434034530&end=1434035130"
its now returning code which i then have to save as a file and rename to .png to open.
This also hapens if you open a graph URL on another tab in chrome.

PNG

IHDRFdܵbKGD IDATxy|THHaa*DKmVA*a](P&X DT,b-XYDIu2I&3}qsof&;w;k2 r

regards

Subject:	I see the same behavior.
Author:	Jan Garaj
Posted:	2015-06-12 14:23

I see the same behavior. Unfortunately, you can't have everything in this case.

Or you will need to modify code and modify header only for Ajax requests (pseudocode only):
if mimetype == 'image/png' and isItAjaxRequest() == True:
mimetype = 'application/javascript'

Maybe you can try to use some additional GET parameter and use it as additional parameter in condition.

Subject:	thanks jan
Author:	[Not Specified]
Posted:	2015-06-12 14:52

thanks jan

Subject:	Did you succeed in getting
Author:	Thomas Luther
Posted:	2015-06-17 06:11

Did you succeed in getting this to work in both Ajax and normal Gets

I have been looking a bit on it, and I can't seem to find the big difference in the two calls (the direct GET to process and return RRD data, and the AJAX get that returns JSON).

Subject:	Fixed Issue
Author:	[Not Specified]
Posted:	2015-06-29 16:38

I have had Jan's fix in place now for a couple of weeks and all looks good.
Couple of things
The patch only needs to be applied on remote collectors
You need to restart zenrender for the patch to take affect.

Cheers for your help

Subject:	zenoss 4.24 chrome 42.0.2311.90 graphs non zoomable - Resolved
Author:	[Not Specified]
Posted:	2015-04-19 17:20

zenoss 4.24 chrome 42.0.2311.90 graphs non zoomable - Resolved