This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AppPortal 2019 - Icons

Jump to solution
DustinMoore
By
Level 4

Anyone encounter an issue with Icons in Internet Explorer after the 2019 upgrade? We have some .jpg and some .png that will not load and give a black x for the icons. 

‎May 24, 2019 01:11 PM

(1) Solution

Jump to solution
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

Dustin,
          In App Broker 2018R1 and later,  there was a change made to the web.config for the ESD site to improve security.. Specifically, "nosniff" was added as a custom header to the web.config for App Portal. If you were to remove this custom header then the icon would display.. The security issue is described nicely at the following URL: 

https://helmetjs.github.io/docs/dont-sniff-mimetype/ 

You could remove this new custom header from the web.config, but it is going to make the site slightly more insecure.. The typical work around would be to save the offending icon as a different type, such as .bmp, and then name it back to .png.. This typically removes any formatting which is triggering the behavior.. Note if you were to run Chrome/IE in developer mode, and viewed the console, you would see that an error was occurring when trying to load the icon.

It is important to note that this issue is related to the browser/icon, and is not directly related to App Portal.. The same behavior could be reproduced if you were to copy the icon to any site in IIS, if the nosniff header was set. 

Charles

View solution in original post

‎May 28, 2019 03:45 PM

0 Kudos
(2) Replies

Jump to solution
CharlesW
By Level 12 Flexeran
Level 12 Flexeran

Dustin,
          In App Broker 2018R1 and later,  there was a change made to the web.config for the ESD site to improve security.. Specifically, "nosniff" was added as a custom header to the web.config for App Portal. If you were to remove this custom header then the icon would display.. The security issue is described nicely at the following URL: 

https://helmetjs.github.io/docs/dont-sniff-mimetype/ 

You could remove this new custom header from the web.config, but it is going to make the site slightly more insecure.. The typical work around would be to save the offending icon as a different type, such as .bmp, and then name it back to .png.. This typically removes any formatting which is triggering the behavior.. Note if you were to run Chrome/IE in developer mode, and viewed the console, you would see that an error was occurring when trying to load the icon.

It is important to note that this issue is related to the browser/icon, and is not directly related to App Portal.. The same behavior could be reproduced if you were to copy the icon to any site in IIS, if the nosniff header was set. 

Charles

‎May 28, 2019 03:45 PM

0 Kudos

Jump to solution
DustinMoore
By
Level 4
In response to CharlesW

Thanks Charles! We don't want to mess with any security issues, so have already started down the path of changing to jpg/png. Appreciate the response!

‎May 28, 2019 03:53 PM

0 Kudos
Top Kudoed Authors
View all