MIME error when publishing on subdomain

Jach0 · March 23, 2025, 11:34am

Hi, could you please help me resolve an issue with MIME?

After installing a local AI package on my cloud server, I am able to access it directly via the server IP. However, when I try to access it via my subdomain, I get a MIME error:

Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of “”. Strict MIME type checking is enforced for module scripts per HTML spec.

I have attempted to modify my Caddyfile, but the issue persists. After spending over 8 hours investigating, I am unable to resolve it.

Does anyone have suggestions on how to fix this?

leex279 · March 23, 2025, 11:40am

Hey, what did you try to add in the Caddyfile?

I would assume something like this in this first block:

{
    # Global options - works for both environments
    email {$LETSENCRYPT_EMAIL}
    # Ensure correct MIME types for JavaScript files
    mime .js application/javascript
}

Jach0 · March 23, 2025, 11:50am

I’m a total rookie and was trying to figure it out with the help of GPT. It suggested adding these lines to my Caddyfile:

@javascript path *.js
header @javascript Content-Type “application/javascript”

I tried this, but the issue still persists. Any suggestions on what I might have missed or done wrong?

leex279 · March 23, 2025, 11:51am

ok, I would suggest you just try what I posted above and if this is not working also, we go on

Jach0 · March 23, 2025, 12:10pm

Unfortunately Caddy is restarting all the time because it is not recognizing mime.

Log:
{“level”:“info”,“ts”:1742731548.627021,“msg”:“using config from file”,“file”:“/etc/caddy/Caddyfile”}
Error: adapting config using caddyfile: /etc/caddy/Caddyfile:5: unrecognized global option: mime

Screen of the code I put:

leex279 · March 23, 2025, 12:21pm

ah ok, sry. looks like this is not the correct syntax then for caddy. I searched more, but I also just found then the solution you got with the header.

its a bit different then yours. maybe just try this caddyfile (I dont have a testenvironment, so I cant verfiy at the moment myself).

{
    # Global options - works for both environments
    email {$LETSENCRYPT_EMAIL}
}

# N8N
{$N8N_HOSTNAME} {
    reverse_proxy localhost:5678
}

# Open WebUI
{$WEBUI_HOSTNAME} {
    reverse_proxy localhost:3000
}

# Flowise
{$FLOWISE_HOSTNAME} {
    reverse_proxy localhost:3001
}

# Ollama API
{$OLLAMA_HOSTNAME} {
    reverse_proxy localhost:11434
}

# Supabase
{$SUPABASE_HOSTNAME} {
    reverse_proxy localhost:8000
}

# SearXNG
{$SEARXNG_HOSTNAME} {
    encode zstd gzip

    @api {
        path /config
        path /healthz
        path /stats/errors
        path /stats/checker
    }
    @search {
        path /search
    }
    @imageproxy {
        path /image_proxy
    }
    @static {
        path /static/*
    }

    header {
        Content-Security-Policy "upgrade-insecure-requests; default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; form-action 'self' https://github.com/searxng/searxng/issues/new; font-src 'self'; frame-ancestors 'self'; base-uri 'self'; connect-src 'self' https://overpass-api.de; img-src * data:; frame-src https://www.youtube-nocookie.com https://player.vimeo.com https://www.dailymotion.com https://www.deezer.com https://www.mixcloud.com https://w.soundcloud.com https://embed.spotify.com;"
        Permissions-Policy "accelerometer=(),camera=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()"
        Referrer-Policy "no-referrer"
        Strict-Transport-Security "max-age=31536000"
        X-Content-Type-Options "nosniff"
        X-Robots-Tag "noindex, noarchive, nofollow"
        -Server
    }

    header @api {
        Access-Control-Allow-Methods "GET, OPTIONS"
        Access-Control-Allow-Origin "*"
    }

    route {
        header Cache-Control "max-age=0, no-store"
        header @search Cache-Control "max-age=5, private"
        header @imageproxy Cache-Control "max-age=604800, public"
        header @static Cache-Control "max-age=31536000, public, immutable"
    }

    # Set MIME type for .js files
    header @static Content-Type application/javascript

    reverse_proxy localhost:8080 {
        header_up X-Forwarded-Port {http.request.port}
        header_up X-Real-IP {http.request.remote.host}
        header_up Connection "close"
    }
}

Jach0 · March 23, 2025, 12:36pm

Checked this out but MIME does not give up and still blocking frontend:

“Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of “”. Strict MIME type checking is enforced for module scripts per HTML spec.”

To be honest I don’t mind using direct IP to the server - i will block other incoming traffic but crucial app which is N8N now is not working due to HTTPS.

I added N8N_SECURE_COOKIE in env file but does not work.
Should I put in different folder to access ?

leex279 · March 23, 2025, 12:43pm

ok, did you verify that the cookie env is really added to the container?

docker exec n8n env

Jach0 · March 23, 2025, 2:50pm

Yeah, that’s seem to be a problem, because it’s not there.

I’ ve added this env to docker-compose.yml:

Did I make a mistake adding there ?

leex279 · March 23, 2025, 3:10pm

I guess you need to reacreate the container.

docker-compose down

and then start up again

docker-compose up -d

then check again

Jach0 · March 23, 2025, 5:39pm

Still nothing
I tired even cloning just n8n but there was also a problem when I wanted to update a container with env.

Guess I have to spend some time recreate whole packaged locally and then try to repair but thank you so much for your immediate support and understanding