Applies to all Barracuda Web Filter appliances on all versions of firmware.
The Barracuda Web Filter features the option to block content based on content type based on the MIME type specified in the HTTP header. This provides an important control measure for blocking specific file types, such as zip files or executables, which may contain viruses. However, the file type used in content is placed at the discretion of the content provider. Administrators researching the reason for a blockage may notice that the Web Log shows a block Reason of MIME Filtered. In the case of YouTube (or specifically, their streaming content domain googlevideo.com), the content type is labeled as application/octet-stream. Youtube does this because their content provider currently utilizes binary streaming for delivery. The application/octet-stream MIME type is a generic specification for any binary content per RFC 2045 and RFC 2046. The problem arises because executable files and other file types are also labeled using the application/octet-stream content type header field. In effect, blocking all executable files using a MIME type block of application/octet-stream will also block YouTube video playback. Unless YouTube changes their content type header in the future, the only way to rectify this issue is to use an exception to allow googlevideo.com.
In order to allow YouTube video playback while blocking executable files:
- First create an exception allowing googlevideo.com under Block/Accept>Exceptions.
- Next, add an entry for application/octet-stream under Block/Accept>MIME Type Blocking.
To verify the content type, you can run any packet sniffing application, such as Wireshark or Fiddler. We see that YouTube replies to a GET request with a stream of data labeled as Content-Type: application/octet-stream. Refer to the example packet below:
HTTP/1.1 200 OKLast-Modified: Sat, 09 Nov 2013 10:57:36 GMTDate: Mon, 11 Nov 2013 16:51:48 GMTExpires: Mon, 11 Nov 2013 16:51:48 GMTCache-Control: private, max-age=21287Content-Type: application/octet-streamAccept-Ranges: bytesContent-Length: 237568Alternate-Protocol: 80:quicX-Content-Type-Options: nosniffServer: gvs 1.0X-Cache: MISS from wf610.support.cuda-inc.comConnection: keep-alive
For a more extensive list of MIME types, please refer to Solution #00006335.
Link to this page: