Packet Disarray

Despatches from longb4

Cisco Web Authentication Login Page MIME Type Restrictions

I co-wrangle a few Cisco wireless LAN controllers (WLCs) that manage a variety of SSIDs, including some that authenticate users on a landing page. Webauth pages are in an interesting niche: they’re among the pages many users see daily, and yet their design quality does not tend to be proportional to their prominence. That shouldn’t be a surprise — the set intersection of Cisco wizards and web frontend designers is pretty small.

I’m not a Cisco wizard — but I could play one on TV, and somehow it has fallen to me to breathe new life into campus webauth landing pages. I wanted to use responsive design for optimal performance across phones, tablets, and computers, and images in SVG format that would look delightful at all zoom levels and pixel densities. My landing pages worked perfectly as served from an nginx testing server, but SVG logos failed to appear when uploaded as part of a webauth bundle and served on a testing SSID on the WLCs.

The WLCs were indeed serving the SVGs, but careful sleuthing in the network monitor du jour (in Firefox: Ctrl-Shift-k –> Network) showed that the WLCs were setting the Content-Type header of the SVG responses to application/octet-stream, rather than the appropriate image/svg+xml. Browsers were thus obeying the WLC web servers’ instructions to not show the SVGs as images. There is no reliable client-side (and client-friendly) way to get around this.

Eventually, I decided to replace the SVGs with PNGs of about double the horizontal and vertical resolution specified for the logo spans in CSS, which results in acceptable appearance when slightly zoomed in. It’s pretty silly that Cisco’s WLCs have such a limited set of supported MIME types.