I'm running an apache web server that hosts some files. Say there's one file called Installer.jar
and I have a button to download that file. Around yesterday chrome started blocking this file for users trying to download it.
I ran a Virustotal on the jar file in question and no malware was found, and the jar file itself is open source and the link to the source code is listed below the download button as well. To verify this behaviour I tried uploading an example file, test.bat
with some random text and lo and behold, chrome blocks that file as well. I even tried uploading a known and trusted jar file - Google Gson - and chrome blocks that file as well, if it comes from my web server.
So it appears that chrome is blocking all files from being downloaded from my domain name. The server hosting the files is running behind CloudFlare and the server has been checked thoroughly and contains no malware and has not been hacked.
My initial thought after these discoveries is that my domain is on some kind of blacklist chrome uses, however, after extensive searching the domain is not blacklisted anywhere and checking the domain on transparencyreport.google.com
says the domain is safe and contains no malware. So why is chrome blocking my files and how can I unblock them?
I've been searching around the internet but no luck as to why this happens. The only things I found were that you should submit your site for a review on the Google Search Console, however, my site has no warnings on the Google Search Console so there is nothing I can do.
Update:
I should add that Firefox does also warn about the files from my server. Chrome blocks the download entierly and won't allow you to download it, and Firefox just warns the file may be dangerous but allows you to bypass it and save it anyway.
Another note, the file that I discovered this problem with, the Installer.jar
is able to be downloaded from another host, just not my server.
curl
andwget
?