WOPI setup failing

Hi,

I wanted to integrate COOL in my product where my application server would be the WOPI host. I have setup my application server and the COOL server (native setup, no docker nor the like) in the same virtual private network (VPC).

My application server terminates SSL, so the COOL server is requested by HTTP (non-SSL). I have disabled SSL in /etc/coolwsd/coolwsd.xml.

When testing curl http://<ip-address>/hosting/discovery
… works as expected → good.

Now I’m testing a simple, fake WOPI request in Chrome like
http://<COOL-IP>:9980/cool/loleaflet/dist/loleaflet.html?WOPISrc=http%3A%2F%2F<my-app-server-domain>%2Fwopi%2Ffiles%2F123&access_token=AAA
… which fails since the socket is closed right away and I see this in the logs

Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716349 +0000 [ websrv_poll ] TRC  Decoding param [WOPISrc] = [http://<my-app-server-domain>/files/123] -> [WOPISrc] = [http://<my-app-server-domain>/wopi/files/123]| wsd/RequestDetails.cpp:49
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716354 +0000 [ websrv_poll ] TRC  Decoding param [access_token] = [AAA] -> [access_token] = [AAA]| wsd/RequestDetails.cpp:49
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716362 +0000 [ websrv_poll ] INF  #29: Post request: [/cool/loleaflet/dist/loleaflet.html?WOPISrc=http%3A%2F%2F<my-app-server-domain>%2Fwopi%2Ffiles%2F123&access_token=AAA]| wsd/ClientRequestDispatcher.cpp:1892
Jul 07 06:31:11 localhost coolwsd[4434]: [300B blob data]
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716425 +0000 [ websrv_poll ] TRC  #29: Async shutdown requested.| net/Socket.hpp:1290
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716427 +0000 [ websrv_poll ] TRC  #29: Ignore further input on socket.| net/Socket.hpp:390
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716431 +0000 [ websrv_poll ] TRC  #29: Shutdown Signaled. Close Connection.| net/Socket.hpp:1746
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716432 +0000 [ websrv_poll ] TRC  #29: Socket shutdown RDWR. StreamSocket[#29, HTTP, IPv6 @ [::ffff:188.192.37.16]:47298]| net/Socket.hpp:219
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716440 +0000 [ websrv_poll ] TRC  #29: Closed. Firing onDisconnect.| net/Socket.hpp:1774
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716442 +0000 [ websrv_poll ] TRC  Executing SocketDisposition of #29: Type::CLOSED| net/Socket.cpp:1058
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716444 +0000 [ websrv_poll ] TRC  #29: StreamSocket dtor called with pending write: 0, read: 0| net/Socket.hpp:1242
Jul 07 06:31:11 localhost coolwsd[4434]: wsd-04434-04493 2025-07-07 06:31:11.716446 +0000 [ websrv_poll ] TRC  #29: Socket dtor| net/Socket.hpp:162

I added my-app-server-domain to /etc/coolwsd/coolwsd.xml like

<storage desc="Backend storage">
        <filesystem allow="false" />
        <wopi desc="Allow/deny wopi storage." allow="true">
            <host allow="true">my\-app\-server\-domain\.com</host>  

… - of course with the app server true domain - but this did not help.

I have a feeling I’m doing something substantially wrong when setting up WOPI, but don’t know what that would be.

Any help or pointer would be appreciated. Thanks in advance

Dierk

Hii @DierkDroth

The “socket closed right away” issue with COOL often indicates a problem with its connection to your WOPI host.

Please check the following key documentation:

How to Integrate Collabora Online: Focus on WOPI actions your app server needs to implement.
https://sdk.collaboraonline.com/docs/How_to_integrate.html

Collabora Online Configuration (coolwsd.xml): Crucial for wopi host regex and logging settings.
https://sdk.collaboraonline.com/docs/installation/Configuration.html

Troubleshooting Guide: Specific help for connection errors.
https://sdk.collaboraonline.com/docs/installation/Collabora_Online_Troubleshooting_Guide.html

Key checks for you:

coolwsd.xml Host Regex: Ensure it precisely matches your WOPISrc domain, including any ports.
WOPI Host CheckFileInfo: Verify your app server correctly responds to CheckFileInfo from the COOL server (e.g., via curl).
Logs: Set coolwsd.xml logging to trace for detailed error messages.

Reviewing these will likely pinpoint the issue.

Thanks
Darshan

Hi Darshan,

Thanks for your feedback.

I actually already have reviewed most of the info/links you provided.

However, there is one item where I haven’t found specific info for:

coolwsd.xml Host Regex: Ensure it precisely matches your WOPISrc domain, including any ports.

Would you have a coolxsd.xml sample snippet on how exactly I needed to edit coolwsd.xml to enable my WOPI host? I really have not found any samples on that aspect. Some info indicates it should go by RegEx, other info suggests it should be plain domain name. Some info suggests the hostname should be with scheme and/or port, other info suggest the exact opposite.

It would be great if you had specific info there. Thanks again

Hi @darshan,

I just ran

curl -X POST http://<COOL-IP>/hosting/wopiAccessCheck \
  -H "Content-Type: application/json" \
  -d '{"callbackUrl":"http://<my-app-server-domain>:8080"}'

… as per trouble shooting guide and got back {"status": "NotHttpSuccess"} which is expected and indicates that the connection between COOL WOPI and my app server is good.

Still the socket is closed right away, the COOL server does not call my app server on my test WOPI request as per my original post.

Do you have any idea what might be going wrong?

The NotHttpSuccess means COOL reached your app, but your /wopi/files/... isn’t returning a valid 200 OK with proper JSON. Check your logs, validate CheckFileInfo, and make sure tokens are handled.

Also, search past WOPI error topics in the forum — you’ll definitely find similar issues and fixes. But first, get your hands dirty and dig into the forum .
https://forum.collaboraonline.com/search?q=wopi

Hi @darshan,

Thanks for your follow up.

Unfortunately we’re not on the same track:

• my very problem is that the COOL server is not requesting my application server at all - I’m debugging my application server and can see that there is no request being made by COOL at all to my application server
• the curl test above however proves that my application server is accessible from the COOL server - again confirmed by debugging my application server. The actual return code "NotHttpSuccess" is irrelevant in that case since it only proves my point: the communication from COOL → my application server works in principle

In the COOL logs I see a POST request - I can’t tell what that is actually needed for, since the very first step of any WOPI communication - and my test case - would be a GET request.
Anyway, right after that POST request the socket is closed - and I don’t know why - and the client side gets an error 400. Most importantly: the WOPI request does not make it to my application server at all.

I already browsed the forum and available resources for days but still am stuck. So far, I was unable to find a comparable case.

Any pointer would be much appreciated

@DierkDroth

following points i have in my mind that might causing this issue

1. Bad or missing WOPISrc in client request

• COOL only initiates WOPI flow if it receives a valid WOPISrc URL in the client’s src or wopisrc parameter.
• Make sure your request to COOL (or the iframe embed) includes:

src=https://your-wopi-server:8080/wopi/files/123?access_token=abc

2. Missing WOPI <host> config

• Your <host> in coolwsd.xml must match the full origin of the WOPISrc, including scheme and port. Example:

<wopi>
    <host>^http://your-wopi-server:8080$</host>
</wopi>

3. Unsigned or malformed JWT (if used)

• If you’ve enabled token_secret, but don’t send a valid JWT, COOL aborts before making any WOPI calls.

What you should do now:

• Double-check the full WOPISrc passed into Collabora that’s the #1 cause for what you’re describing.
• Check for messages in coolwsd.log like:

wsd-00000-00000 2024-07-07 12:34:56.789123 [ websrv_poll ] ERR  WOPISrc not allowed: ...

• Try running COOL with --o:trace-curl if compiling from source, or enable more verbose logs if using Docker:

docker logs <cool-container> 2>&1 | grep -i wopi

Thanks for your follow up @darshan

To clarify:

• I’m not using docker but a native install
• I’m not using SSL but non-SSL (I have disabled SSL in /etc/coolwsd/coolwsd.xml)
• I’m not building nor compiling COOL. I only control the sources of my own application server (= WOPI host)
• nowhere in COOL logs I would see error messages related to WOPISrc. In fact the WOPISrc parameter is detected correctly in my request (please see logs in my original post)
• I’m running logging level = trace for now
• I’m not using any JWT

Your suggestion on <host>^http://your-wopi-server:8080$</host> is a bit confusing since ^ and $ suggest this should be a RegEx. However, if it should be a RegEx then other characters like / needed it be escaped. Could you please clarify?

Also, I checked the C++ code related to the strange POST request (wsd/ClientRequestDispatcher.cpp:1892): since I don’t see any further logs after the POST request and before the socket close I would think the logic falls through to the exception in the final else branch in line 2208.
So I wonder what could be wrong on my test request
curl -i 'http://<COOL-server-IP>:9980/cool/loleaflet/dist/loleaflet.html?WOPISrc=http%3A%2F%2F<my-app-server-domain>%3A8080%2Fwopi%2Ffiles%2F123&access_token=AAA'
… and why there is no GET request to my application server triggered but a POST request which as it appears throws the COOL internal exception.

Any further pointer would be much appreciated

@darshan

After much tinkering and analyzing the CODE source code I found that the path of my sample request /cool/loleaflet/dist/loleaflet.html was wrong but needed to be /browser/dist/cool.html to make COOL sending a CheckFileInfo request to my app server.

Unfortunately I nowhere in the docs/forum/etc. would have found that important piece of information. The step by step tutorial even holds an incorrect path. It certainly would help other users if the docs could be amended accordingly.

Thanks a lot for taking the time to dig into this and share your findings!

You’re right that the path needs to be /browser/dist/cool.html for Collabora Online to correctly send a CheckFileInfo request. Just to clarify, this is actually mentioned in the documentation — for example, in the section describing the construction of the URL using the discovery XML:

https://<WOPI client URL>:<port>/browser/<hash>/cool.html?WOPISrc=https://<WOPI host URL>/<...>/wopi/files/<id>

However, we completely understand how this might have been easy to overlook, especially if other parts of the guide weren’t clear or consistent enough.

Apologies for the confusion, and thanks again for pointing it out we’ll review and improve the docs to make this detail more prominent and easier to follow.

Thanks

@darshan

I saw the sample URL you pointed out before. However, the <hash> part did not make sense to me which is why I felt unable to apply it for my use case.