The "Block malicious downloads" feature prevents the HTML5 feature Server Sent Events (SSE) from working properly. As the SSE works over HTTP using text/event-stream as content-type it looks like a never-ending download. The scanner holds the SSE message until the channel breaks for some reason and hands over the message to the browser. This behavior prevents a reasonable use of SSE in a web application, which is a real pity. Are there any plans to resolve this issue in one of the next releases of Sophos Endpoint Software or do I have to live with that?
Using websockets or long polling is not what I want, because SSEs provide exactly what I need (part of HTTP, no resource intense polling, ....). As SSEs are part of the HTML5 standard your software should be aware of that and provide a real solution besides turning off the download protection which is not an option for my company. I read some threads about SSEs and download protection, but there is no clear statement from Sophos on how this problem will (or will not) be resolved in the future.
Could you please clarify that issue a little bit, so I can plan my next actions. If I have to switch to websockets, I'd like to know if I have to expect similar problems.
As a hint: If you really feel the need to scan every text download including text/event-stream ones, you can detect the individual messages by the trailing double-newline and hand over the single messages to the browser. This would be okay for me and would not sabotage every application that wants to use SSEs.
This thread was automatically locked due to age.