61
16.7 Legacy Series / Re: OpenVPN Client Export to OpenVPN Connect (iOS)
« on: September 29, 2016, 12:36:02 am »
Hi Ad... It served a download of an .ovpn file.
I did notice in the headers that nginx under pfSense is setting "X-Content-Type-Options: nosniff", while lighttpd under OPNSense is not...
And on OPNSense:
Is it possible that Mobile Safari is sniffing the MIME type and opting to display it instead of download it?
I did notice in the headers that nginx under pfSense is setting "X-Content-Type-Options: nosniff", while lighttpd under OPNSense is not...
Code: [Select]
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2016 22:13:41 GMT
Content-Type: application/octet-stream
Content-Length: 6009
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2016 22:13:41 GMT
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma:
Cache-Control:
Content-Disposition: attachment; filename=config_filename.ovpn
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
And on OPNSense:
Code: [Select]
HTTP/1.1 200 OK
Expires: Sat, 01 Oct 2016 00:11:17 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: max-age=180000
Cache-Control:
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=b5e138e40c6809e9c4af7d4c4b6b87f9; path=/; secure; HttpOnly
Pragma:
Content-Type: application/octet-stream
Content-Disposition: attachment; filename=config_filename.ovpn
Content-Length: 6016
Date: Wed, 28 Sep 2016 22:11:18 GMT
Server: lighttpd/1.4.41
Is it possible that Mobile Safari is sniffing the MIME type and opting to display it instead of download it?