Error in Collabora Code: Content Security Policy (“frame-src”) and wrong scheme


This post was flagged by the community and is temporarily hidden.


For thouse who struggle with the same issue, you might want tor read what MDM webdocs are saying about frame-src.

I found out ownCloud is already modifying the CSP header in a way that collabora should be allowed. So without altering the CSP header my self mine looks like this:

default-src 'none';manifest-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self';connect-src 'self';media-src 'self';frame-src https://office.mydomain:443 blob:

My issue is not fixed though. As owncloud still wants to connect to collabora through http not through https. Which of course is blocked by the CSP rule.


Anyways here is how I fixed the issue.
Since I use the official the owncloud docker image that also uses a dockerd redis db.
I took down de redis image, and deleted it. After taking my hole installation up again, it suddenly worked again.