Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Alex-
Leader Leader
Leader
Jump to solution

Chrome 77 & Sandblast Agent

Since Chrome update to version 77, it's impossible to open PDF anymore when the Sandblast Agent extension is present and the user doesn't have admin rights. Clicking on a link supposed to open a PDF opens a new tab with an empty page and "About:blank" in the URL.

If a user has admin rights, it works. If the tab is open in an incognito page, it works. Using IE (no agent there), it also works. Obviously, it's out of the question to give admin rights to the full user base. This behavior was seen with E80.92 & E81.30. If I uncheck "Protect web downloads" and choose "Do not emulate web content" in the policy for Antimalware & TP, nothing changes. Workaround now is to instruct users to go Incognito or use IE for some specific business-related websites, but it's not really handy. I couldn't find specific errors in the logs.

Any idea before I make a TAC case?

0 Kudos
1 Solution

Accepted Solutions
Paulo_Balau
Contributor

Hi!

Is there any fix.

I have a Doc Management it only works well on Chrome but AV does not let me to view the pdf on aside windows! It keeps downloading the file, not opening/presenting it automatically...

 

THX

Balau

 

View solution in original post

0 Kudos
6 Replies
Oren_Cohen
Employee Alumnus
Employee Alumnus

Hi Alexis,

We are aware of that issue and investigating it with our developers.

I'd suggest opening a case to TAC for monitoring.

Thanks,

0 Kudos
Alex-
Leader Leader
Leader

@Oren_Cohen 

Thank you for sharing this information, I will open a TAC case to get informed of the availability of a fix.

0 Kudos
Paulo_Balau
Contributor

Hi!

Is there any fix.

I have a Doc Management it only works well on Chrome but AV does not let me to view the pdf on aside windows! It keeps downloading the file, not opening/presenting it automatically...

 

THX

Balau

 

0 Kudos
itayhac
Employee Alumnus
Employee Alumnus

Hi,

if i understand the issue correctly, you are having trouble seeing pdf inline , and it downloads the file instead.

Due security reasons we are not supporting pdf inline view and we force the browser to download it instead.

we recomend to keep using it as it is, but if its compromises your work too much it is possible to turn off pdf files from being emulated. 

again, we dont recomend it but its possible.

i hope it answered your question, in any case feel free to contact us for further information 

0 Kudos
Svenson
Explorer

Hi,

I suppose that saying  "Due security reasons we are not supporting pdf inline view " is the same as saying there will never be a fix? 

Is it possible to make an exclusion on sitelevel in such a case? So if we do need inline PDF view on an intranet site the Sandblast agent will ignore this issue?

Kind regards,

Svenson

0 Kudos
Gal_Carmeli
Employee
Employee

Hi,

It will not be changed. We believe this is the right behavior: we are not allowing inline-pdf tools to work in order to protect the endpoint from undesired applications to breach the scrutiny.

However, exclusions will work: if you exclude the domain that contains the PDF from Threat-emulation and file download inspection, the inline PDF reader will work.

Thanks,
Gal.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events