Horizon View BLAST error in Chrome browser

We did an update of our Horizon View environment from version 7.4 to version 7.5.1. After the update we noticed something strange. Everything was working except for the BLAST client on the Chrome browser. Other browsers didn’t give errors and worked, but Chrome threw the error: “Failed to connect to the Connection Server”.

After some searching in the VMware knowledge base, I found that the error has something to do with security. The View Security document talks about Cross-Origin Resource Sharing (CORS) as the feature that handles the policies in regard to HTTP request. ( This means that when an URL is used that is not the same as the listening domain, or when multiple domains are used, the policies can block access because the actions are considered not secure (like there could be a man in the middle attack).

In our case we have two URL’s to the Connection Servers. The first is a loadbalanced URL (http://ViewDesktop.LocalDomain) and the second is a direct URL to the Connection Server (http://HostName.LocalDomain). We noticed that the direct URL didn’t gave problems, but de loadbalanced URL did. So it seems clear that the problem must have something to do with CORS and in specific with the Chrome browser.

When we read a little bit further in the security documentation we’ll see an explanation for our Chrome problem: “Chrome extension clients set their initial Origin to their own identity. To allow connections to succeed, register the extension by adding a chromeExtension entry to the file”.

Now, all CORS related settings are set in the file called You can find the file on your View Connection and Security Servers in the folder C:\Program Files\VMware\VMware View\Server\sslgateway\conf\ and if it doesn’t yet exist, you can simply create it.

So now that we know the problem in the Chrome browser seems to be coming from a security feature, how do we fix the problem? There are multiple solutions to solve this problem, which all include the file.

  1. Disable CORS altogether. Not the most elegant solution.
  2. Set the checkOrigin property to “false”. This is probably not the option that you want. Though it works, it disables the security check. (
  3. Set the balancedHost property to the URL on which you connect. This is a good option as you specify the loadbalanced address that is used by View. (
  4. Set the property “chromeExtension.1=bpifadopbphhpkkcfohecfadckmpjmjd” in the file. This is the best option for us as it is tailored to the issue that we are facing. (

After you’ve set the file, you’ll need to reboot the server for the settings to take effect. And after a reboot you’re Chrome errors are gone.

“Citrix Receiver – Security Warning” explained and demystified

Author : Ingmar Verheij

Citrix Receiver - Security WarningWhen you’ve worked with a Citrix XenApp or XenDesktop environment you must be familiar with the Security Warning dialog. It prevents a remote machine (your hosted application or desktop) from accessing resources on the client device, a security boundary you want to protect when from unmanaged systems.

But on managed systems you want to prevent this message, you don’t want your users to be confronted with a message you tell them to accept (otherwise it won’t work and they’re to blame).

In this article I’ll explain why this message is displayed and how you can prevent it.

Read more