Help us to improve our website!

We want to inspire you for our UCC solution! To do this, we use cookies to provide you with an optimal and personalised website experience. Clicking on "Accept all" allows us to process this data and share it with third-party providers in accordance with our privacy policy. Here you can also adjust the cookie settings at any time.
Technically necessary cookies
Statistics
Comfort
Accept all
Save selection

Why are images / buttons displayed incorrectly in the XPhone Connect Mobile app?

 
 

Problem:

Photos are displayed too large/small or buttons are moved in the mobile app after updating the XPhone server.

mobileapp-bild
mobileapp-praesenz
 
 

Cause:

If, for example, the WebApplicationFirewall from Sophos is used as a reverse proxy and the entry URL is hardened accordingly, it can happen that the stylesheet (CSS) is corrupt after an update of the XPhone server.

The stylesheets are provided by the XPhone server and loaded by the app. In the process, the stylesheets pass through the firewall. There the quotation marks (") are filtered out of the data URLs.


Solution:

To prevent the (") in the URL declaration from being filtered out, an additional exception must be created stating that HTML is passed through unchanged in URL hardening. Passing the URLs in quotes is considered a security risk by Sophos.

This only refers to the specification of the links, all other quotes in the CSS stylesheet are not filtered out.


To test for yourself:

You can check the behavior as follows:

Open the following mobile link from external (and replace <customerdomain>): https://<customerdomain>/xphoneconnect/mobile/content/css/default.min.css

You should be able tosee something like the following:

anfuehrungszeichen-url

CORRECT (with quotes after the parenthesis - see screenshot): url("data:image/svg+xml

FALSE (quotation mark after the parenthesis is missing): url(data:image/svg+xml

If the quotation marks (") are missing when calling from external, you can check with the following link locally on the XPhone server if the quotation marks (") are present there:

https://localhost/xphoneconnect/mobile/content/css/default.min.css

This way you can determine if the problem is on the XPhone server or in the customer's proxy configuration. If the quotation marks (") are present in the link, this proves that the problem is with the proxy/firewall.

Subscribe to our Newsletter

 
 
 
 
 
 
 

Thank you for subscribing. To confirm your subscription, please click the link in your registration email.

 
 

An error occured. Please try again.