The OnlyOffice app is getting blocked by content security policy. I haven’t found anything in the docs or Google on the preferred way to adjust the policy to allow the OnlyOffice app to work.
The closest I got was this comment: Error in Collabora Code: Content Security Policy (“frame-src”) - #3 by muhammadhanif
Is there a way to modify OwnClouds CSP without messing with HTTP headers?
Since it didn’t get covered by the questions in the template, I’m running docker containers for OwnCloud, Redis, MariaDB, and OnlyOffice behind HAProxy.
Oh, and I actually think I had OO working back when I set this instance up a few months ago, but then it fell to the wayside and I just was upgrading things today when I found that OO wasn’t working…
Steps to reproduce
- Try to load a document using OnlyOffice.
Expected behaviour
The document should load.
Actual behaviour
Just get an Owncloud frame with no document loaded.
In the console, I see:
Content Security Policy: The page’s settings blocked the loading of a resource at http://oo.example.org/6.4.2-6/web-apps/apps/documenteditor/main/index_loader.html?_dc=6.4.2-6&lang=en&customer=ONLYOFFICE&frameEditorId=iframeEditor&compact=true&parentOrigin=https://cloud.example.org (“frame-src”).
Server configuration
Operating system:
Official Docker Image owncloud/server:10.8
Web server:
Official Docker Image owncloud/server:10.8
Database:
Docker: library/mariadb:10
PHP version:
Official Docker Image owncloud/server:10.8
ownCloud version: (see ownCloud admin page)
Official Docker Image owncloud/server:10.8
Updated from an older ownCloud or fresh install:
Updated from 10.7 today.
Where did you install ownCloud from:
Docker
Signing status (ownCloud 9.0 and above):
Login as admin user into your ownCloud and access
http://example.com/index.php/settings/integrity/failed
paste the results into https://gist.github.com/ and puth the link here.
No errors have been found.
The content of config/config.php:
skipping for now
List of activated apps:
skipping for now
Are you using external storage, if yes which one: local/smb/sftp/…
No
Are you using encryption: yes/no
No
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/…
Now
Client configuration
Browser:
Firefox
Operating system:
Linux
Logs
Web server error log
skipping for now
ownCloud log (data/owncloud.log)
skipping for now
Browser log
skipping for now