when launching Nextcloud from Yunohost dashboard, it fails to load properly: the app itself is launched, but no user content are loaded. I’m using the default installation configuration with the Files app as default app. A number of errors are thrown in the console such as
Content Security Policy: Les paramètres de la page ont empêché le chargement d’une ressource à https://MY_DOMAIN/nextcloud/apps/federatedfilesharing/js/external.js?v=eb1f1364dff039217e3808a61da4c6e5 (« script-src 'nonce-cFFoUGkvSHF0anFKR3l4aS9NUGxMRWZTOHlVZlF5Y1hGUUdXTkViTE5qcz06MWtJV3VwbUZ3M1RoYldRd2hmdTlaeFd4aW1aWkQxZDVaa2JRZndxR1Vrbz0=' 'unsafe-eval' »)
When I force refresh the page load, I can then reach user contents and normally use the app.
I had a look in the logs, but nothing explains what the problem could be. Any idea?
Just a small message to tell you that I have the same behavior here using Firefox. After on refresh, it works perfectly.
I don’t see how to correct that.
For your information, there’s an open issue and a pending pull request to fix it. So hopefully it will get fixed in a near future
Thanks @JimboJoe. 2 months later, it looks like the pull request is still…pending.
@Djiko now you’ve met my everlasting optimism!
Unfortunately, this PR, while fixing the problem, is disabling Nextcloud-embedded CSP protection rules altogether (if I get it right) and the PR author hasn’t showed up in a while, so we haven’t come up with a satisfying fix yet…
I know someone stepped up to work on this a while ago, but to no success until now. So anyone on the forum with CSP knowledge can step in this subject, it will be much appreciated
@JimboJoe the world is missing optimistic people
I would have been happy to help, but CSP is not part of my skills unfortunately. Let’s hope some talented developer will show.