IE9 reports a security error when retrieving JSONP feed

[rileyw]

trafficstars

IE9 reports a security error due to the fact that the JSONP feed returned does not have the expected mime-type.

[rileyw]

Steve mentioned encoding results using base64 -- need to see if this is still a viable solution.

Is IE9 still reporting the security error? Tested today and did not encounter the security error; however, I'm installing IE Collections to test on older versions where I suspect the issue will still exist.

[steveathon]

Riley, it'd be good to know if this is still reporting the error. I guess we need to confirm which security zones are firing the errors off too. I have an XP instance that I can test on later.

[michaelcizmar]

Still and issue with IE10. However, this is not a bug in the stylesheet in my opinion. The GSA does not allow you to change the mimetype while it also emits X-Content-Type-Options: nosniff which causes IE to reject the content. There is FR:5355643 GSA should have a way to modify HTTP content-type header so that users can create an XSLT which renders other formats like JSON, CSV, you can add a proxy which changes the mimetype or look at a way to trick IE to allowing the content.

[jesconstantine]

Hi folks. @rileyw , is the error you're referring to "Script from ** was blocked due to mime type mismatch"?? I'm seeing this in chrome and IE. Did anyone find a workaround other than using a proxy? Thanks...