This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos AV blocks server-sent events (SSE) on Mac OS X Yosemite

This took me a long time to figure out, so I'm posting here in the hopes that Google searches save the next vicitim, or that Sophos can do a fix.

I was testing a website with Server-Sent Events, i.e. EventSource events sent from a CGI script to my browser. Everything worked fine when both the server and browser was on my computer.  But when I tried to connect to the production browser, I was unable to recieve events; all browsers simply hung.  

After some testing, I realized it was Sophos.  Specifically, turning off "General / Web Protection / Block Malicious Downloads.." fixed the problem.

Sophos needs to be fixed so that it does not do blocking read/write of HTTP data with stream headers with

   Content-Type: text/event-stream

I'm not sure how it's blocking; it might be due to internal buffering sizes being too big or some other problem.

Here's a test site:

http://neutrino.otterbein.edu/~tagg/streamtest/test.cgi

This SHOULD print the time four times immediately, then print the time every 5 seconds thereafter. 

And here's the code sending it:

#!/usr/bin/perl -w
use IO::Handle qw( );  # For flush
use Time::HiRes qw(usleep nanosleep gettimeofday);

print "Content-Type: text/event-stream\r\n";
print "Cache-Control: no-cache\r\n";
print "\r\n";

print "data: " . localtime() . "\n\n";STDOUT->flush();

print "data: " . localtime() . "\n\n";STDOUT->flush();

print "data: " . localtime() . "\n\n";STDOUT->flush();

print "data: " . localtime() . "\n\n";STDOUT->flush();


while(1) {

  sleep(5);
print "data: " . localtime . "\n\n";
STDOUT->flush();

Since I have users who I know use Sophos, I would be really happy if this could be fixed ASAP. Thanks!

:1021268


This thread was automatically locked due to age.
Parents
  • Is there any progress on that topic? We developed a web application using Server Sent Events and as we tried it out on windows machines in our institute, we saw that SSE messages are hold back by Sophos and only delivered when the connection is closed. Because SSEs are a modern HTML5 feature and perfectly suits our requirements for our application, we don't want to go back to long polling or websockets. I really like to know if we can expect any changes in the near future. Thank you.

Reply
  • Is there any progress on that topic? We developed a web application using Server Sent Events and as we tried it out on windows machines in our institute, we saw that SSE messages are hold back by Sophos and only delivered when the connection is closed. Because SSEs are a modern HTML5 feature and perfectly suits our requirements for our application, we don't want to go back to long polling or websockets. I really like to know if we can expect any changes in the near future. Thank you.

Children
No Data