Access Gateway: “Corrupted Content Error” when using FF7 or higher

“Corrupted Content Error” when logging on to a Citrix Access Gateway Enterprise/Web Interface for NetScaler with Mozilla Firefox 7 or Higher

I’m not yet sure if this is a Citrix issue or a Firefox issue since this problem occurs with a lot more websites with the new Firefox versions. On Citrix Access Gateway Enterprise it seems to occur when using Citrix Access Gateway Enterprise (NetScaler) and Citrix Web Interface for NetScaler (have not yet tested with Web Interface for Windows). Apparently Firefox does not like the fact that either the header Content-Length and/or Content-Disposition values change when passing from the Access Gateway to the Web Interface.

Firefox says web developers need to change there code, I have submitted a support case with Citrix Tech Support. Will let you know what the outcome will be for those interested.

Update: Citrix has confirmed this issue and is working on a solution which will be resolved in the next Citrix NetScaler firmware release. This is not a bug but a “security enhancement” from Firefox.

Update: Citrix Tech Support provided a temporary solution for this problem, copy and paste the rewrite action and policy into an SSH session and bind it globaly.

add rewrite action ReplaceContentLengthZeroHeader_act replace “HTTP.RES.FULL_HEADER.REGEX_SELECT(re!Content-Length: 0!)” “\”Cotnent-Length: 0\””

add rewrite policy ReplaceContentLengthZero_pol “HTTP.RES.STATUS.EQ(302) && HTTP.RES.FULL_HEADER.REGEX_MATCH(re!Content-Length: 0!) && HTTP.RES.FULL_HEADER.REGEX_MATCH(re!Location: .*/login.jsp!)” ReplaceContentLengthZeroHeader_act

bind rewrite global ReplaceContentLengthZero_pol 10 END -type RES_DEFAULT

image

About Henny Louwers
I work as a Consultant specialized in Application Delivery, Virtualization of Servers, Desktops and Apps.

10 Responses to Access Gateway: “Corrupted Content Error” when using FF7 or higher

  1. Ashwin Bahadoersing says:

    Hi Henny,

    Thank you, the solution is working fine!

    Gr, Ashwin

    Like

    • Hey Ashwin, Thanks for the feedback !

      Like

  2. Thx Henny!

    Like

  3. Donnie Norris says:

    You need to break it down to my technical expertise, rooky. Tell me what I need to do. I have been having this problem since I downloaded Firefox 7. I,m Vista, 64bit.

    Like

    • Donnie,

      The problem is not you but a security update of Firefox (and Chrome for that matter). It probably means the websites you visit have not yet updated to be compliant with Firefox browser 7 and up. The only thin you can do is downgrade to Firefox 6 or contact the website developer to update there site.

      Hope this helps.

      Like

  4. kolbicz says:

    this also fixed the problem of multiple header lenth in chrome! thanks a lot

    Like

    • Thanks for the feedback, didn’t know the problem (or security update) also was present on Google Chrome browser.

      Like

  5. Jochen says:

    Henny, many thanks for pushing us to the correct direction. Your fix works for Firefox 7/8/9 and Chrome, too (Opera seems to be unable to show the logon page). Obviously, Internet Explorer 7/8/9 doesn’t care for multiple Content Header objects …
    Some annotations: the problem is solved w/ NS9.3 Build 54.4.nc (Dec, 20th 2011) and next, don’t try to fix the rewrite action typo “Cotnent-Length: 0\” – it won’t work as expected.

    Anyway, good work!

    Like

    • Thanks for the positive feedback, appreciate it. (typo reinstated :-))

      Haha, sorry, reading your post too fast. Totally forgot about the deliberate typo …🙂

      Like

      • Jochen says:

        Hi Henny,

        I’m afraid, there’s a misunderstanding – please *don’t* fix the typo. Actually, that’s exactly the trick in oder to make the user’s web browser ignore multiple content header information. If there’s no typo in the rewrite action, the issue arises again; tested that w/ several browsers and their versions.

        Regards, Jochen.

        Like

%d bloggers like this: