Untrusted domains config not working

I use docker compose. Upgraded from 10.9.1 to 10.11.0 because I thought it would be a minor release without breaking changes. Now I can’t get in because of this untrusted domains prompt. But, adding my domains doesn’t work. I put them all in there

‘trusted_domains’ =>
array (
0 => ‘localhost’,
1 => ‘corsair-own-pub’,
2 => ‘corsair-own’,
3 => ‘corsair’,
4 => ‘10.0.0.21’,
5 => ‘corsair-own-pub:444’,
6 => ‘10.0.0.21:8080’,
),

Normally I connect via https://corsair-own-pub:444/. I can also optionally normally connect to https://corsair-own (prior to upgrade).

I cannot use localhost because I have it set to redirect to HTTPS. My default HTTPS on the machine for localhost is reserved for docker. So, I use HTTPD reverse proxy, which points to http://10.0.0.21:8080/

Is there a way I can turn this off so I can get back into Owncloud? I don’t care for this feature and just want to be able to use it again and access my data.

Note that since I’m already using named virtual hosting, even if I put it on the internet, it would be impossible for anyone to get to it via any host I don’t define in the reverse proxy HTTPD conf. So, this feature has no value to anyone using a reverse proxy with named virtual hosting. Even if it worked, It just creates dual maintenance.

Note that it does display the login screen when I use localhost:8080. I just can’t use that because of the HTTPS redirect. Plus, it is useless if nothing on the LAN can reach it.

Please use the forum search. You can not manually change the config.php file of the container. Please see You are accessing the server from an untrusted domain - #2 by rkaussow

Thank you. I did do a forum search, but apparently missed that one.

It did resolve my issue.

However, I still think this should have an option to disable this check, ideally by default. For those of us doing all our network configuration and security, including SSL, routing and domain and other checks outside of owncloud, this creates unnecessary dual maintenance and requires app specific configuration knowledge with no value.

In a software product I’m currently working, I have emphasized to our team repeatedly that we should not create friction for orgs using our software that want to handle security via standard methods outside our product, often through reverse proxies.

Those using standard methods with automation tools designed to support it, the last thing they want is PHP trying to do network security.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.