Do some networks or browsers block binary file download from Cloudflare?

Hi all,

Has anyone seen instances of a corporate network or browser security policy blocking file downloads via Cloudflare that have a content-type: binary/octet-stream?

Context:

I recently updated our infrastructure to use Cloudflare. Cloudflare delivers images for https://www.cloudpano.com.

The infrastructure change was successful, but I am getting reports of one particular user in Arkansas, USA who can not view images delivered via Cloudflare.

The page at hand is: https://tour.shiningstarinteractive.com/tours/RLaFfGNLQOI

The user sees:

I and others from across the USA have no problem viewing this page. In fact, I have served over 4M requests and have not heard from any other users of problems across the globe.

So I am trying to figure out what may be causing this issue for the user. She claims she has tried from multiple devices. If true, it must be network related - all devices are on same network. I observe her screenshot indicates a VPN - maybe there is some security policy blocking the image?

The idea of a corporate network security policy being the culprit is further strengthened by this fact: The images are encoded as content-type: binary/octet-stream and downloading one results in a “may be a dangerous file” warning from Chrome. Perhaps networks and browsers don’t like this setup.

I just set up a worker to rewrite the content-type as image/jpeg, but I am waiting to hear back from the user - the chrome download warning is resolved now.

The user is non-technical and remote so it is difficult to do investigation - was hoping someone may have an idea of what is causing the problem for this particular user and if someone has seen something like this before.

Other details: We have end-to-end encryption: full (strict) set up and we auto upgrade http requests to https. I observed logs for this route and I saw a small number of 499 and 500 errors.

Bumping this as it was posted 3d ago but spam filter just release it today.

This topic was automatically closed after 30 days. New replies are no longer allowed.