Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Paolo_Francese
Contributor

WebUI does not work with Firefox 56

Hi,

I'm experiencing WebUI (Gaia web portal) access problem after Firefox update to version 56.

When I connect to WebUI I see the login page and after typed the credential I get a white page.

I've this issue on open server management and 5000 and 23000 gateways R80.10 take 42.

Anyone else is experiencing this issue?

Is these any fix or workaround?

Thanks in advance

Bye

17 Replies
KennyManrique
Advisor

Hi Paolo,


I have the same problem after update to Firefox 56 on R80.10 Open Servers and also on R77.30 customer's appliances. When the password is wrong, I get back to the login page correctly; but when the password is correct, I get a white page and apparently no signs of loading.

It seems an error about how firefox handle CSS and JavaScript code on version 56:

The stylesheet https://firewallIP/login/ext-all.css was not loaded because its MIME type, "text/html", is not "text/css".  
The stylesheet https://firewallIP/login/login.css was not loaded because its MIME type, "text/html", is not "text/css".  
SyntaxError: expected expression, got '<'  ext-base.js:1
SyntaxError: expected expression, got '<'  ext-all.js:1
SyntaxError: expected expression, got '<'  login.js:1

For more details on JS: SyntaxError: Unexpected token - JavaScript | MDN 

I used the following tool Esprima: Syntax Validator  to analyze the sintaxis of the three .js files, and all of them are applarently correct.

Also verified mime.types file of Apache and all CSS are defined as text/css

[Expert@Hostname:0]# cat mime.types | grep css
text/css                                        css

On previous versions of Firefox and Chrome works correctly. So its a Firefox CSS engine problem maybe???

Regards.

Kenny Manrique.

Danny
Champion Champion
Champion

Its always best practice to use Google Chrome only to access the Gaia WebUI as Check Point develops and tests with this browser primarily. Same counts for all SMB appliances as you read on my 1400 Appliance FAQ. I've seen various glitches in Gaia WebUI when accessing it with other browsers.

Timothy_Hall
Legend Legend
Legend

I second the recommendation to always use the Chrome browser when interacting with the Gaia web interface, it is usually the fastest browser.  Internet Explorer works as well but always seems to be dog slow when interacting with the Gaia web interface for some reason.

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Danny
Champion Champion
Champion

Check Point recommends using the Google Chrome Browser as well in: sk121373

0 Kudos
PhoneBoy
Admin
Admin

Worth noting the SK suggests a possible workaround that you can obtain from the TAC.

0 Kudos
Hugo_vd_Kooij
Advisor

Somehow Check Point failed to read RFC 2318 it's only 19 years old 😉

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
MrSaintz
Contributor

Hugo , with all due respect can you please clarify the argument?

All browsers can safely "read" Check Point content but Firefox, since they shifted some gear in latest updates I believe this started in version 54 actually.

There are multiple security fixes applied to their new webextention feature, and also around Java script, in Mozilla Forum there are multiple complaints like this after upgrade.

Starting 56 and still in 57, we can't even download tgz files from Check Point Usercenter , just out of nothing, I can no longer login using firefox to sony entertainment network and this example is completely out of scope here, is just to show other example, here firefox complains about cookie problem and nothing but an update has been performed, even in safe mode, and without any extentions/add-ons running.

(Ironic mode on) I guess firefox is the only browser doing things right...because no one else(browser) has issues such as this.

If this was security issue that by complying to your RFC could anyone be protected, all the other browsers would also stop working.

Don't mind me saying, Firefox is my first personal choice to browse, but lately, my confidence in it's ability to deliver as declined significantly.

Saying this, I'm totally against the idea that a single browser option should be even recommended publicly.

Carlos Santos
Hugo_vd_Kooij
Advisor

Carlos,

Check Point should have used the proper MIME types from the moment they started to write the code. That was after RFC 2318 saw the light of day. So it is rather obvious that Cascading Stylesheets should use the prescribed MIME type. And if it only toke almost 20 years before someone actually verified something that should be there for nearly 20 years, .... only proves how badly we still code our software today and think we can get away with it.

I admit: I am as lazy in this far too often.

But I would have appreciated it if someone would admit they just forgot to do the proper thing for so many years.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
0 Kudos
MrSaintz
Contributor

Thanks Hugo, that seems a bit more clear, now. 

So, first I have no coding skills but from the reading of the RFC mime type should be set as text/css is this correct?

From Kenny’s post it sounds to me that Apache mime type settings should be ok here, no?

What is wrong, then? Where should we be looking at, server side, that is setting css files mime type has text/html instead of text/css?

Cheers

Carlos Santos
0 Kudos
Hugo_vd_Kooij
Advisor

Check Point is sending out the wrong MIME type. They have a fix for it if you open a ticket and mention the relevant SK.

<< We make miracles happen while you wait. The impossible jobs take just a wee bit longer. >>
Shmulik_Avramso
Employee Alumnus
Employee Alumnus

Hi,
We're aware of the issue.
A private HF was already provided to a customer.
Working on integrating the fix in JHFs.

Please open ticket to support for getting the fix.

Thanks,
Shmulik

Paolo_Francese
Contributor

Hi,

since I started this thread I think it's good also to say that the fix is explained in sk121373.

Bye

MrSaintz
Contributor

It’s a bit sad that R&D only took care of it when Chrome started failing too. 

I hope it won’t take the same time to be included in a Recommended Jumbo HotFix

Carlos Santos
0 Kudos
PhoneBoy
Admin
Admin

It's in the current ongoing JHF, which is a good start.

MrSaintz
Contributor

Thanks Dameon, I just saw it, good thing we can monitor on-going takes. 

Thanks for the heads-up on this.

Salutations,

Carlos

Carlos Santos
0 Kudos
Sal_Previtera
Contributor

Still not working in Check_Point_R77_30_JUMBO_HF_1_Bundle_T317_FULL...….with Firefox and Chrome.

Only works with MS Internet Explorer and MS Edge...

PhoneBoy
Admin
Admin

Not sure why it hasn't been integrated into the R77.30 JHF, but it is in the R80.10 ones.

In any case, the workaround provided in this thread should still work.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events