Support

Admin Tools

#31469 wepb image not visible with Reduce MIME type security risks turned ON in .htaccess maker

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by Lumiga on Tuesday, 25 June 2019 01:27 CDT

Friday, 21 June 2019 08:55 CDT

Lumiga
Hi,

I have issue serving webp images on my website. I know I have to put webp and WEBP to Finetuning: Backend and Front-end file types allowed in selected directories.

So it's no problem to see webp images on Edge and Firefox, but on Chrome it display only code.

So I found out that if I turn OF the "Reduce MIME type security risks" in the .htaccess maker the webp images showing up after a refresh. I have tested this several time's.

So if you want to serve webp images, I can't use this option security option?

Hope you can help me with this issue.

Kind regards,
Lumiga

Friday, 21 June 2019 09:57 CDT

nicholas
This is actually a server issue. Let me explain, it's a slightly convoluted :)

The Reduce MIME Type Security Risks adds a .htaccess rule which instructs the web server to send a "no sniff" HTTP header with every request. All modern browsers respect that header and will not try to guess the MIME type (media content type) of a file sent to them if the MIME type is not sent with the content.

Here comes the server bit. Web servers have a MIME type registry file. It tells them which files are which MIME type. This allows you to rename a JPEG file to foobar.bmp and have the server figure out that it's not a BMP file, it's a JPEG file, and tell the browser to parse it as a JPEG file by sending the correct MIME type. If your server's MIME type registry is missing the mapping for WEBP files then the web server does not send a MIME type and the browser has to figure it out by itself.

So here's the problem. You told the browser not to figure out missing MIME types but your server didn't send a MIME type. Therefore the browser puts its hands up in the air and says "I don't know what to do with this file!" and does not display it.

One possible fix is adding the following code to the .htaccess Maker's area for custom code to add at the top of the file:
<IfModule mod_mime.c>
  AddType image/webp .webp
  AddType image/webp .WEBP
</IfModule>

If your web server has the Apache MIME module enabled your images will work properly. If this doesn't work you need to temporarily disable the reduce MIME type security risks rule and ask your host to add the correct MIME type mapping for webp images.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Tuesday, 25 June 2019 01:27 CDT

Lumiga
Hi Nicholas,

Thank you very much for the extensive explanation and solution.

Kind regards,
Lumiga

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!