As of last week 1 10 I started getting an error in the conso NetSuite Professionals #suitecommerce

As of last week 1/10 I started getting an error in...

Bryce Krah

01/14/2025, 4:06 PM

As of last week 1/10 I started getting an error in the console for requesting the customFieldsMetadata file that says:

Copy code

Refused to execute script from '<https://www.domain.com/secure/customFieldsMetadata.ssp?t=1679932890576>' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.

This is causing the cart component to be unable to

setTransactionBodyField

for a custom field. Has anyone else started getting this error?

Steve Goldberg

01/14/2025, 4:19 PM

That is a super weird error to get. That should never be set to text/plain. You're not using a proxy or third-party CDN are you?

eminero

01/14/2025, 4:24 PM

I have been getting that error as well on different accounts.

Steve Goldberg

01/14/2025, 4:30 PM

bwah

Steve Goldberg

01/14/2025, 4:31 PM

I got nothing – please raise a case if it keeps happening (and you think you can replicate it!)

Bryce Krah

01/14/2025, 4:37 PM

No proxy or third-party CDN. I created a case so we'll see

Steve Goldberg

01/14/2025, 4:39 PM

Can you check your response headers on the network call for it and tell me if X-Content-Type-Options has been set, and its value is nosniff ?

Bryce Krah

01/14/2025, 4:42 PM

Yes, it has that value "nosniff"

Steve Goldberg

01/14/2025, 4:43 PM

Steve Goldberg

01/14/2025, 4:44 PM

So, what I think is happening is that the server has started setting that header (I am not aware of us making this change, so I would need to look into it) and in that one file, we have not explicitly set the MIME type in the response to be JavaScript. As we have told the browser not to try and detect its type, and we have not set a type, it's forced to assume it's plain text, which it obviously isn't.

Steve Goldberg

01/14/2025, 4:45 PM

But that is my theory.

Steve Goldberg

01/14/2025, 4:46 PM

Although, weirdly, when I look at the source, I can see this:

response.setContentType('JAVASCRIPT');

Steve Goldberg

01/14/2025, 4:46 PM

So now I'm confused :X

Steve Goldberg

01/14/2025, 4:47 PM

Let's see what support says 😄

Bryce Krah

01/14/2025, 4:48 PM

When you say source are you talking about in the customFieldsMetadata.ssp file?

Bryce Krah

01/14/2025, 4:49 PM

ah ok yeah i see that too, but we're on 2023.1 and its not present in that file

Bryce Krah

01/14/2025, 4:49 PM

only in the 2024.1 version

Bryce Krah

01/14/2025, 4:51 PM

I added it to the version we're on and it's working now no more error. Thanks @Steve Goldberg!

netsuite halo 1

Steve Goldberg

01/14/2025, 4:52 PM

Aha!

25 Views

Open in Slack

Previous Next