connection.identity() failing due to strict MIME type checking

First of all, thank you so much for a library that’s a pleasure to use! The documentation makes this the nicest option for working with Salesforce that I’ve seen.

I currently have a React/Electron app that has been working great for half a year and I haven’t made any code changes for the past month. Last week I started getting the following error when making an identity() call after successfully logging in:

Refused to execute script from 'https://login.salesforce.com/id/...&callback=_jsforce_jsonpCallback_1' because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled.

followed by:

JSONP call time out.

I’ve been using jsforce 1.7.1 this entire time and have made no code changes recently so I’m suspecting Salesforce has subtly changed some behavior that I’m unaware of. The response from the identity() call contains the X-Content-Type-Options: nosniff header so the error makes sense. I just don’t know if this is new behavior and why it’s breaking now. If this is new Salesforce behavior it may be causing unexpected headaches for jsforce.

Adding jsforce-ajax-proxy and configuring the proxyUrl option doesn’t seem to remedy this issue since jsforce is making direct calls to Salesforce for identity().

Here’s the simplest code snippet that reproduces the error:

var conn = new Connection({
  proxyUrl: 'http://localhost:3030/proxy/',
  loginUrl: 'https://login.salesforce.com'
});

conn.login(username, password, function(err) {
  conn.identity(function(err, res) {
    if (err) return console.error(err);
    console.log('never gets here');
  });
});

The proxy is identical to the middleware example you’ve provided here (again, thank you for your wonderful documentation!): https://github.com/jsforce/jsforce-ajax-proxy

I’m out of ideas and I would like to continue using jsforce if at all possible. Any assistance is greatly appreciated!