Hi,
I’m running a LAMP nextcloud and have installed Collabora through package manager. Both running on the same VPS. So far I can’t open any document with firefox, it complains about frame ancestor. Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-ancestors) at <unknown> because it violates the following directive: “frame-ancestors 'self'”
For installation I followed this guide: Collabora integration guide - 📑 How to - Nextcloud community . In the admin interface I see a green check mark so connection is ok from there. I can also access CODE admin panel from outside.
For trouble shoot I followed this Cross-origin frame problems - #4 by darshan . But my problem seems to be different because setting the frame ancestor manually doesn’t help.
In firefox when I open cool.html
I see that the frame ancestors should be correctly set already.
<input type="hidden" id="initial-variables"
data-host = "wss://<office-url>"
data-service-root = ""
data-hexify-url = "false"
data-version-path = "b7ba9a23ba"
data-access-token = ""
data-access-token-ttl = "0"
data-access-header = ""
data-post-message-origin-ext = ""
data-cool-logging = ""
data-coolwsd-version = "24.04.13.3"
data-enable-welcome-message = "true"
data-auto-show-welcome = "false"
data-auto-show-feedback = "false"
data-allow-update-notification = "true"
data-user-interface-mode = "notebookbar"
data-use-integration-theme = "false"
data-statusbar-save-indicator = "true"
data-enable-macros-execution = "false"
data-enable-accessibility = "false"
data-out-of-focus-timeout-secs = "300"
data-idle-timeout-secs = "900"
data-min-saved-message-timeout-secs = "6";
data-protocol-debug = "false"
data-enable-debug = "false"
data-frame-ancestors = "%20<office-url>:%2A%20<nextcloud-url>:%2A"
data-socket-proxy = "false"
data-ui-defaults = "e30="
data-check-file-info-override = "{}"
data-deepl-enabled = "false"
data-zotero-enabled = "true"
data-document-signing-enabled = "true"
data-saved-ui-state = "true"
data-extra-export-formats = ""
data-wasm-enabled = "false"
data-indirection-url = ""
data-geolocation-setup = "%GEOLOCATION_SETUP%"
data-canvas-slideshow-enabled = "true"
/>
I’m out of ideas what went wrong. I noticed there’s an extra ;
in data-min-saved-message-timeout-secs
but I don’t know if this is relevant.
Best regards,
William