Jump to content

Vojta

Members
  • Content Count

    11
  • Joined

  • Last visited

Profile Information

  • Location
    Czech Rep.

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thanks it works. So what's next steps? How to fix it permanently without our users need to exclude our domain from checking? Should I report this issue somewhere else?
  2. I've attached diagnostics when trying to access our latest release. Is there anything that could help you solve the issue? Is there some workaround for our user other than completely disabling Web access protection? If I try Web access protection -> Url address management -> edit -> list of allowed addressess -> edit -> add "*.budgetbakers.com/*" and check "Notify when applying", then I see that URL was matched but the issue remains. What's the correct way to exclude our domain? Diagnostics.zip
  3. @Posolsvetla any update on this? Current release of https://web-board.budgetbakers.com causes the issue again. When I deploy the same release (the same Docker image) on another domain then it works fine.
  4. The issue is related to Chrome as well and I reproduced the issue in Virtualbox with Nod32 trial and fresh installation of Chrome and Firefox. I see in Chrome and Firefox that the certificate is valid but it is wrong certificate. But even in case of wrong/invalid certificate Nod32 should not silently modify resources. Nod32 should keep it as is and delegate validity check to a browser or display some warning, right?
  5. Sorry, old habbit, by IE I mean Edge, IE11 is generally unsupported browser.
  6. No, I'm sure that it it caused by Nod32, I have bug reports from our users and also I checked it by myself. Until I installed Nod32 then everything was ok and I also made some tests with or without Web Access protection that confirmed my suspicion. The issue happens on Firefox, Chrome and IE. Nod32 is favorite security software on Windows and we have no such report from Linux or Mac users. If it were browser bug we had more bug reports but we don't. Your behavior could be result of cached Javascript file with that garbage. Plese try it again with cache disabled.
  7. I'm not sure too because this issue happens only on one domain web-board.budgetbakers.com of 5 domains we use (including test environment), the resource modified is random even if we have no new release. Also behavior is different for different users. If it were caused by missing charset or other configuration then all resources would be modified, right? We use Docker images so all servers on all our domains have the same configuration.
  8. That's the issue, it is consequence of modified Javascript resource that caused fatal error which prevents app to start and hide the spinner. Also it is unfortunatelly the nondeterministic behavior of Nod32, it modifies Javascript resource on one machine but it works perfectly on another. @itman please could you upload log files as requested by @Marcos? I cannot reproduce the issue on my machne now.
  9. Now the web application works but the issue is visible on other resource, see attached screenshot where you can find some garbage at the end of source map request. Strange thing is that we don't have source maps on production. It might be some clue that the issue happens soon in the browser. When I try to download the resource with curl or wget the content is as expected but IE, Firefox, Chrome contains some garbage. I also packed Wireshark capture session and also found that Nod32 creates some Wireshark files. Is Wireshark files required or content of C:\ProgramData\ESET\ESET Security\Diagnostics is enough? eav_logs.zip web_access_protection_disabled.zip web_access_protection_enabled.zip
  10. extra dot at the end? try https://web-board.budgetbakers.com
  11. Hi, I've noticed that Nod32 modifies our Javascript resources and appends some garbage characters to the end (see attached screenshot) which causes Javascript syntax error and our web app does not start because of it. The resource could be downloaded from https://web-board.budgetbakers.com/3.board-669dedc0633412a24830.js but the link might be broken on next release so I've attached the file as well. Nod32 does not warn about some threat, if I submit the file manually it passeess the test. We have also web app on https://web.budgetbakers.com and some test environment domains but the issue is only on the production domain https://web-board.budgetbakers.com. The issue has random behavior on different releases (different Javascript bundles), sometimes it works fine, affected module changes and the garbage changes. Whitelisting our domain does not work. I have to pause Internet protection to make our web app work but it is unacceptable. So what's wrong and how to fix it? Where could I report this? 3.board-669dedc0633412a24830.js.txt
×
×
  • Create New...