buenas a todos
A alguno le ha pasado que tras la migracion de version en la pantalla de archivos este continuamente refrescando con el error que indico en el asunto del hilo. en el debug de la pagina he visto esta alerta
refused to connect to http://…/index.php/apps/files’ because it violates the followin Content Security Policy directive: “connec-src ‘self’”
buenas a todos
English version from https://translate.google.com:
good morning everyone
Someone has happened that after the migration of the version on the file screen is constantly refreshing with the error indicated in the thread issue. in the page debug I have seen this alert
refused to connect to http: //…/index.php/apps/files ’because it violates the followin Content Security Policy directive:“ connec-src ‘self’ ”
if my spanish or my spanglish is correct you did an upgrade of ownCloud and now you have a wrong CSP that’s blocking the loading of the ressources. Let’s back up a bit.
- What was the upgrade like ? From what version did you upgrade ? And what’s the version now ?
- What’s your web stack (Apache, NGinx, … ?) Did you modify by yourself some HTTP headers ?
- Could you open the debug console on your web browser, try to load the page and show us a screenshot (hide what you don’t want to share such as the domain) ?
I don’t know if you speak english at all, I’m not a native speaker either, but try to give more information at first, there was a template which is helpful.
I think the category is wrong here, it’s more of a Server problem rather than Server-Apps, I’m no moderator, someone could move it if my assumption is relevant ?
I have made the update from version 9.1.6 to version 10.0.010
I work with Apache and only modify the access themes to the application.
I have seen that disabling the freeoffice pluging error has disappeared so I understand that this pluging should make a call to that policy that is restricted and that I do not know where to enable.
I attach the screenshot with the debug
thanks for your answer, well it does seems to be a violation of the CSP.
I don’t know the offilibre app but maybe it’s the one that modifies the CSP or break it.
Could you go to securityheaders.com and scan your ownCloud (tick hide the results if you don’t want to be listed) ? Then could you copy and paste the Content Security Policy field here ?
i think you should report this issue to the developer of this OffiLibre app.
I searched a little bit around and i think i have found the correct place for this in https://github.com/officeonlinesystems/owncloud_offilibre/ but it seems the app received the last update three years ago so i’m not sure if this is still working as expected on recent ownCloud versions.