[Bug]: Content Security Policy (CSP) Error for preview-service-worker.js in files_sharing #55528

@tinus-github

Bug description

Bug #39849 is about a problem where the Content-security-policy header does not include permission to load the right worker scripts.

In the activity you can see that the problem happens in configurations that do not include often-used add-ins like the Talk or Maps app, and then it is fixed in the Files app. However, in the files_sharing app, the app that hosts files for external users that follow a share link, it is unfortunately not fixed.

That's rather unfortunate, as it isn't a great look if you show Nextcloud to external users and it doesn't work properly.

In the console you see messages like

Refused to load https://nextcloud.sitename/index.php/apps/files/preview-service-worker.js because it does not appear in the worker-src directive of the Content Security Policy.

I noticed this problem when I was researching why flipping through photos does not work on a share. I don't know if it would be resolved if this problem is resolved, but it stands to reason. I don't really know where to add the patch from #39849 in the files_sharing app, otherwise I could try. But if someone is more knowledgeable with the source, I hope it's not a hard problem.

Steps to reproduce

  1. Go to a share link (starts with https://nextcloud.sitename/s )
  2. Look in the web console

Expected behavior

No error messages

Nextcloud Server version

31

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.3

Web server

Nginx

Database engine version

PostgreSQL

Is this bug present after an update or on a fresh install?

None

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "nextcloud.***",
            "nextcloud.***2"
        ],
        "overwritehost": "nextcloud.***",
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "pgsql",
        "version": "31.0.9.1",
        "overwrite.cli.url": "https:\/\/nextcloud.***",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "default_phone_region": "NL",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "data-fingerprint": "***",
        "theme": "",
        "loglevel": 0,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "mail_smtpport": "1465",
        "mail_smtpauthtype": "PLAIN",
        "mail_smtpauth": 1,
        "mail_smtpsecure": "ssl",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "filelocking.enabled": true,
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "timeout": 0,
            "password": "***REMOVED SENSITIVE VALUE***"
        },
        "maintenance_window_start": 100,
        "memories.db.triggers.fcu": true,
        "memories.exiftool": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/exiftool-amd64-glibc",
        "memories.vod.path": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/go-vod-amd64",
        "enabledPreviewProviders": [
            "OC\\Preview\\Image",
            "OC\\Preview\\HEIC"
        ],
        "memories.gis_type": 2,
        "app_install_overwrite": [
            "gpxpod"
        ]
    }
}

List of activated Apps

Enabled:
  - activity: 4.0.0
  - app_api: 5.0.2
  - circles: 31.0.0
  - cloud_federation_api: 1.14.0
  - comments: 1.21.0
  - contacts: 7.3.2
  - contactsinteraction: 1.12.0
  - dashboard: 7.11.0
  - dav: 1.33.0
  - federatedfilesharing: 1.21.0
  - federation: 1.21.0
  - files: 2.3.1
  - files_downloadlimit: 4.0.0
  - files_pdfviewer: 4.0.0
  - files_reminders: 1.4.0
  - files_sharing: 1.23.1
  - files_trashbin: 1.21.0
  - files_versions: 1.24.0
  - firstrunwizard: 4.0.0
  - gpxpod: 7.0.4
  - logreader: 4.0.0
  - lookup_server_connector: 1.19.0
  - memories: 7.6.2
  - nextcloud_announcements: 3.0.0
  - notifications: 4.0.0
  - oauth2: 1.19.1
  - password_policy: 3.0.0
  - photos: 4.0.0
  - previewgenerator: 5.10.0
  - privacy: 3.0.0
  - profile: 1.0.0
  - provisioning_api: 1.21.0
  - recognize: 9.0.7
  - recommendations: 4.0.0
  - related_resources: 2.0.0
  - serverinfo: 3.0.0
  - settings: 1.14.0
  - sharebymail: 1.21.0
  - support: 3.0.0
  - survey_client: 3.0.0
  - systemtags: 1.21.1
  - text: 5.0.0
  - theming: 2.6.1
  - twofactor_admin: 4.8.0
  - twofactor_backupcodes: 1.20.0
  - twofactor_totp: 13.0.0-dev.0
  - updatenotification: 1.21.0
  - user_status: 1.11.0
  - viewer: 4.0.0
  - weather_status: 1.11.0
  - webhook_listeners: 1.2.0
  - workflowengine: 2.13.0
Disabled:
  - admin_audit: 1.21.0
  - bruteforcesettings: 4.0.0 (installed 2.4.0)
  - camerarawpreviews: 0.8.7 (installed 0.8.7)
  - encryption: 2.19.0
  - files_external: 1.23.0
  - files_rightclick: 0.15.1 (installed 1.6.0)
  - suspicious_login: 9.0.1
  - twofactor_nextcloud_notification: 5.0.0
  - user_ldap: 1.22.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

Additional info

No response
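
Added example, not part of the original report and not Nextcloud code: a simplified check of whether a response's Content-Security-Policy header lets a given worker script load, following the `worker-src` → `child-src` → `script-src` → `default-src` fallback. The function names and the two sample policies are constructed for illustration; the worker URL is the one from the console message in the report.

```javascript
// Added example: simplified check of a worker URL against a CSP header.
// Function names and the sample policies are hypothetical/constructed.
const WORKER_FALLBACK = ['worker-src', 'child-src', 'script-src', 'default-src'];

// Parse a header value into Map(directive -> source list); first occurrence wins.
function parseCsp(header) {
  const policy = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/).filter(Boolean);
    if (name && !policy.has(name.toLowerCase())) policy.set(name.toLowerCase(), sources);
  }
  return policy;
}

// Simplified source matching: '*', 'self', scheme sources and host sources
// (optional scheme, "*." wildcard and path). Ports are not handled and never match.
function sourceMatches(source, url, pageOrigin) {
  if (source === '*') return ['http:', 'https:'].includes(url.protocol);
  if (source === "'self'") return url.origin === pageOrigin;
  if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) return url.protocol === source.toLowerCase();
  if (source.startsWith("'")) return false; // 'none', nonces, hashes: no URL match
  const m = /^(?:([a-z][a-z0-9+.-]*):\/\/)?(\*\.)?([^\/:*]+)(\/.*)?$/i.exec(source);
  if (!m) return false;
  const [, scheme, wildcard, host, path] = m;
  if (scheme && url.protocol !== scheme.toLowerCase() + ':') return false;
  const h = host.toLowerCase();
  if (wildcard ? !url.hostname.endsWith('.' + h) : url.hostname !== h) return false;
  if (!path) return true;
  return path.endsWith('/') ? url.pathname.startsWith(path) : url.pathname === path;
}

// Decide whether a worker script may load, and report which directive decided it.
function checkWorker(header, workerUrl, pageOrigin) {
  const policy = parseCsp(header);
  const directive = WORKER_FALLBACK.find((d) => policy.has(d)) || null;
  if (!directive) return { allowed: true, directive }; // nothing restricts workers
  const url = new URL(workerUrl);
  const allowed = policy.get(directive).some((s) => sourceMatches(s, url, pageOrigin));
  return { allowed, directive };
}

// Constructed sample policies; the URL is the one from the console message above.
const ORIGIN = 'https://nextcloud.sitename';
const WORKER = ORIGIN + '/index.php/apps/files/preview-service-worker.js';
const BLOCKING = "default-src 'none'; script-src 'self'; worker-src blob:";
const ALLOWING = "default-src 'none'; script-src 'self'; worker-src 'self' blob:";
console.log(checkWorker(BLOCKING, WORKER, ORIGIN));
console.log(checkWorker(ALLOWING, WORKER, ORIGIN));
```

Running it against the header actually returned for a share page (for example, copied from the browser's network tab) shows which directive is governing the worker load.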
