Chrome has started blocking azure blob storage downloads

0
votes

Starting last Friday it appears that Google/Chrome has started blocking some types of Azure Blob storage downloads that are exposed using a shared access signature.

Specifically, a PDF inside a ZIP file appears to generate the message that Chrome has blocked a dangerous file.

The exact same file can be downloaded using a non-shared access signature link, although it will still given an "uncommon" file download warning.

This happens when downloading from multiple blob storage accounts in multiple regions.

Has anybody else experienced this issue? If so, how did you resolve it?

Here is an example link. The first link is the direct download link, and the second is the shared access signature.

Direct: https://ghsstoragetest.blob.core.windows.net/testfile.zip

SAS: https://ghsstoragetest.blob.core.windows.net/$root/testfile.zip?st=2019-06-17T18%3A15%3A08Z&se=2020-06-18T18%3A15%3A00Z&sp=rl&sv=2018-03-28&sr=b&sig=LpgvNhL2dWLRo%2FB5iq2tvTR1dQcGLSDbtU6Yh7gV%2Bk4%3D

2
azuregoogle-chromeazure-blob-storage
Can you share an actual blob URL that’s giving the problem?Gaurav Mantri
Added the links.RMD
The links are working in version 75.0.3770.90lalo
This really doesn't seem at all related to Azure or Chrome, to be honest. And both of your links work fine with my (latest) version of Chrome (though I didn't actually download your zip, the link resulted in a save-as box immediately). Perhaps you have some network protection software or device doing the blocking? Have you tried via a different network, or with a different browser? In any case: this question would fall in the off-topic category for Stack Overflow as it's not programming related.David Makogon
Hi! We have the same problem! We have a zip with some images and a summary pdf on azure blob storage and from yesterday chrome is blocking our downloads! If we remove the PDF we have a uncommon file error.Mauro Valvano

2 Answers

0
votes

The same issue happended in my lastest Chrome Version 75.0.3770.90 (Official Build) (64-bit). I found that the mime type of the Content-Type value of your testfile.zip is application/x-zip-compressed as below which I think it's the cause reason.

enter image description here

So I tried to fix it via upload the same file to my blob container by Azure Storage Explorer. It shows the correct mime type application/zip as below, and I downloaded it without any Chrome alert.

enter image description here

Then, I manually changed its Content-Type value with application/x-zip-compressed, and generated its url with sas token for downloading, the same issue as yours happended again.

So I think the solution to fix is to set a correct mimetype for your file as Content-Type value.

0
votes

The same issue happended in 75.0.3770.100(Official Build). And I tried to change its Content-Type value to application/zip, it didn't work.

At last, I installed an older version Chrome (70.0.3538.102) to avoid the issue.

Updated on Jun 27: It seems that Google has fixed this issue. It doesn't trouble me now.