"Download was not a valid extension of user script" error downloading Chrome extensions via WSS


Article ID: 209033


Updated On:


Web Security Service - WSS


Users accessing WSS with explicit Access method

SAML authentication enabled with cookie surrogates

When attempting to download extensions, it appears to start to download but then users see the following pop up message. Our WSS policy is configured to allow access to chrome.google.com site and category



Application does not like redirects during extension download. Through a combination of whitelisting sites that triggered 307 redirects for SAML, and bypassing SSL interception, we got this to work.


Explicit access method

SAML authentication enabled for users


Made following combination of changes to allow extensions to download to clients:

  • Auth bypass changes added for
    • googleusercontent.com
    • chrome.google.com
    • www.chromestatus.com
    • ssl.google-analytics.com
    • client2.google.com
  • SSL bypass entries for
    • googleusercontent.com
    • chrome.google.com
    • www.chromestatus.com

Additional Information

HAR files can be used to see what sites we are triggering 307 redirects to, and then whitelist these from authentication

The HTTP logs can be used to determine which SSL sites are being intercepted during download, and added to SSL intercept bypass list.