Opening office documents sometimes fails

Hello

I am running a Nextcloud server with multiple DNS aliases. When users try to open office documents this sometimes fails with the error message “Document loading failed”. In the console I see the following error message:

Content-Security-Policy: The page’s settings blocked the loading of a resource (form-action) at https://dns-alias-1.tld/apps/richdocumentscode/proxy.php?req=/browser/xxx/cool.html?WOPISrc=https%3A%2F%2Fdns-alias-2.tld%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F....odt&lang=en&closebutton=1&revisionhistory=1 because it violates the following directive: “form-action ‘self’ https://dns-alias-2.tld

In the Network tab of the web developer tools I do not see a call to the URL mentioned above.

When connecting to Nextcloud with one DNS alias why are documents loaded from another DNS alias? Is there any way to fix this?

Hello @uli-a, I see there are some configuration issues.

  • The error occurs because the document is being accessed from https://dns-alias-1.tld, but the form action is trying to submit to https://dns-alias-2.tld.

  • The CSP rule allows form submissions only to https://dns-alias-2.tld and self, which in this context would mean https://dns-alias-1.tld. However, since self is https://dns-alias-1.tld, but the form is targeting https://dns-alias-2.tld, the browser blocks the request as a security measure.

  • Why This Happens:

    • This typically occurs when Nextcloud and Collabora Online are accessed via different DNS aliases, and there is an inconsistency in how they handle or route the requests.

    • For instance, if a user accesses Nextcloud at https://dns-alias-1.tld and then tries to open a document, the request might be redirected to https://dns-alias-2.tld for the document processing (WOPI) by Collabora Online, triggering the CSP violation.

I would suggest you read this Multihost Configuration (Configuration — SDK https://sdk.collaboraonline.com/ documentation); this will help.

Collabora Online Configuration:

  • Update the coolwsd.xml or loolwsd.xml file on your Collabora server to handle multiple DNS aliases properly. Ensure the host settings cover all the aliases you’re using.
  • Make sure the frame_ancestors directive allows both DNS aliases if they are embedded in iframes.

Thanks,
Darshan

1 Like
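A way to test a `form-action` policy against a form target for each alias the page might be loaded under, as an added example that is not part of the thread and is not Nextcloud or Collabora code. It is a simplified source matcher ('self', 'none', scheme and host sources; paths ignored), the policy is only the part visible in the console message, and the two document URLs are constructed assumptions.

```javascript
// Added example: simplified CSP "form-action" check (paths in sources ignored).
const DEFAULT_PORT = { "http:": "80", "https:": "443" };
const portOf = (u) => u.port || DEFAULT_PORT[u.protocol] || "";

// Return the source list of one directive, or null when it is absent.
function parseDirective(policy, name) {
  for (const part of policy.split(";")) {
    const [key, ...sources] = part.trim().split(/\s+/);
    if (key.toLowerCase() === name) return sources;
  }
  return null;
}

// Match one source expression against the form target; `self` is the document URL.
function sourceMatches(source, target, self) {
  const s = source.toLowerCase();
  if (s === "'none'") return false;
  if (s === "'self'") return target.origin === self.origin;
  if (/^[a-z][a-z0-9+.-]*:$/.test(s)) return target.protocol === s; // e.g. https:
  const m = s.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)(?::(\d+|\*))?/);
  if (!m) return false;
  const [, scheme, host, port] = m;
  // Simplification: a scheme-less source must use the document's scheme.
  if (target.protocol !== (scheme ? scheme + ":" : self.protocol)) return false;
  const hostOk = host.startsWith("*.")
    ? target.hostname.endsWith(host.slice(1))
    : target.hostname === host;
  if (!hostOk) return false;
  if (port === "*") return true;
  return portOf(target) === (port || DEFAULT_PORT[target.protocol]);
}

// form-action does not fall back to default-src: no directive means no restriction.
function formActionAllows(policy, documentUrl, targetUrl) {
  const sources = parseDirective(policy, "form-action");
  if (sources === null) return true;
  const self = new URL(documentUrl);
  const target = new URL(targetUrl);
  return sources.some((s) => sourceMatches(s, target, self));
}

// Policy and target as far as the console message above shows them.
const POLICY = "form-action 'self' https://dns-alias-2.tld";
const TARGET = "https://dns-alias-1.tld/apps/richdocumentscode/proxy.php?req=/browser/xxx/cool.html";
// Constructed document URLs (assumption): the same instance opened under each alias.
for (const doc of ["https://dns-alias-1.tld/index.php/apps/files/",
                   "https://dns-alias-2.tld/index.php/apps/files/"]) {
  console.log(new URL(doc).host, "->", formActionAllows(POLICY, doc, TARGET) ? "allowed" : "blocked");
}
```

Comparing the result with the alias shown in the browser's address bar tells you which origin actually served the document that carries the policy.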

Thanks for the very elaborate answer.

I am using the built-in CODE server of Nextcloud and did not find the configuration files you mentioned (coolwsd.xml/loolwsd.xml). Is there a way to do this for the built-in server as well?

@uli-a I see you are using the built-in server.

So in your Nextcloud config.php, you can specify the overwritehost and overwriteprotocol settings to ensure consistent URLs are used, preventing such mismatches.

https://docs.nextcloud.com/server/21/admin_manual/configuration_server/reverse_proxy_configuration.html?highlight=overwrite#overwrite-parameters

Until you check your config file, I’ll continue digging through articles to see if this issue is mentioned or if there is a workaround available.

Thanks,
Darshan

@uli-a I found something in the NC forum: Refused to send form data to .. because it violates the following Content Security Policy directive: "form-action 'self'" - 📄 Collabora - Nextcloud community