Error in Collabora Code: Content Security Policy (“frame-src”)

I installed collabora code on docker and integrated it to my owncloud. My docker host is behind the firewall (iptables DNAT). When I try to open a document, I got error in my browser:

Content Security Policy: The page’s settings blocked the loading of a resource at (“frame-src”).

Could you give me a direction to solve the problem?

Thank You.

1 Like

Now error CSP does not occur again after I added header configuration in my apache2. But, I find error when try to open a document:

Not Found

The requested URL /index.php/apps/richdocuments/WOPISrc= Document.docx&lang=en&closebutton=1&revisionhistory=1&permission=readonly was not found on this server.

I just solved the problem (Content Security Policy: frame-src) by adding this to the owncloud virtualhost:

Header set Content-Security-Policy: "frame-ancestors "
Header set Content-Security-Policy: "frame-src blob:;"
1 Like

I stumbled across the same issue with nginx. This should be added to the documentation. Either on owncloud/nextcloud side or on collabora. This is extremely annoying.


if there are any changes required to some documentation then i think it could make sense to report this to the app developer of the collabora app at