In this article you will learn how an incorrect display of buttons / images in the XPhone Connect Mobile App occurs.
Photos are displayed too large/small or buttons are moved in the mobile app or the compelte design is not funktional after updating the XPhone server.
If, for example, the WebApplicationFirewall from Sophos is used as a reverse proxy and the entry URL is hardened accordingly, it can happen that the stylesheet (CSS) is corrupt after an update of the XPhone server.
The stylesheets are provided by the XPhone server and loaded by the app. In the process, the stylesheets pass through the firewall. There the quotation marks (") are filtered out of the data URLs.
To prevent the (") in the URL declaration from being filtered out, an additional exception must be created stating that HTML is passed through unchanged in URL hardening. Passing the URLs in quotes is considered a security risk by Sophos.
This only refers to the specification of the links, all other quotes in the CSS stylesheet are not filtered out.
To test for yourself:
You can check the behavior as follows:
Open the following mobile link from external (and replace <customerdomain>): https://<customerdomain>/xphoneconnect/mobile/content/css/default.min.css
You should be able tosee something like the following:
CORRECT (with quotes after the parenthesis - see screenshot):url("data:image/svg+xml
FALSE (quotation mark after the parenthesis is missing):url(data:image/svg+xml
If the quotation marks (") are missing when calling from external, you can check with the following link locally on the XPhone server if the quotation marks (") are present there:
This way you can determine if the problem is on the XPhone server or in the customer's proxy configuration. If the quotation marks (") are present in the link, this proves that the problem is with the proxy/firewall.