Steps to reproduce
Load the main nextcloud page. (i.e. All Files)
Expected behaviour
Page to load without errors in console.
Actual behaviour
Get this error in Firefox's web console: (Firefox 64 https://whatismybrowser.com/w/DSQGWHK)
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
Nb. this does not happen in Chromium.
Server configuration detail
Operating system: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2018-10-08) x86_64
Webserver: Apache/2.4.25 (Debian) (apache2handler)
Database: mysql 10.1.26
PHP version:
7.0.30-0+deb9u1
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, apache2handler, mysqlnd, PDO, xml, bz2, calendar, ctype, curl, dom, mbstring, fileinfo, ftp, gd, gettext, iconv, json, exif, mcrypt, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xmlreader, xmlwriter, xsl, zip, Zend OPcache, xdebug
Nextcloud version: 14.0.4 - 14.0.4.2
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: unknown
Signing status
Array
(
)
List of activated apps
Enabled:
- accessibility: 1.0.1
- activity: 2.7.0
- bookmarks: 0.14.2
- bookmarks_fulltextsearch: 1.0.0
- bruteforcesettings: 1.2.0
- cloud_federation_api: 0.0.1
- comments: 1.4.0
- contacts: 2.1.7
- dav: 1.6.0
- deck: 0.5.0
- federatedfilesharing: 1.4.0
- federation: 1.4.0
- files: 1.9.0
- files_external: 1.5.0
- files_linkeditor: 1.0.7
- files_markdown: 2.0.5
- files_mindmap: 0.0.10
- files_pdfviewer: 1.3.2
- files_rightclick: 0.8.4
- files_sharing: 1.6.2
- files_texteditor: 2.6.0
- files_trashbin: 1.4.1
- files_versions: 1.7.1
- files_videoplayer: 1.3.0
- firstrunwizard: 2.3.0
- fulltextsearch: 1.1.0
- gallery: 18.1.0
- issuetemplate: 0.4.0
- logreader: 2.0.0
- lookup_server_connector: 1.2.0
- mail: 0.11.0
- news: 13.0.3
- nextcloud_announcements: 1.3.0
- notes: 2.5.0
- notifications: 2.2.1
- oauth2: 1.2.1
- ownpad: 0.6.8
- password_policy: 1.4.0
- polls: 0.8.3
- provisioning_api: 1.4.0
- serverinfo: 1.4.0
- sharebymail: 1.4.0
- spreed: 4.0.1
- support: 1.0.0
- survey_client: 1.2.0
- systemtags: 1.4.0
- tasks: 0.9.8
- twofactor_backupcodes: 1.3.1
- updatenotification: 1.4.1
- workflowengine: 1.4.0
Disabled:
- admin_audit
- encryption
- theming
- user_external
- user_ldap
Configuration (config/config.php)
{
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"**removed**"
],
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"overwrite.cli.url": "https:\/\/**removed**\/nextcloud",
"dbtype": "mysql",
"version": "14.0.4.2",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"htaccess.RewriteBase": "\/nextcloud",
"overwritewebroot": "\/nextcloud",
"theme": "",
"loglevel": 2,
"maintenance": false,
"updater.release.channel": "stable",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"updater.secret": "***REMOVED SENSITIVE VALUE***"
}
Are you using external storage, if yes which one: local/smb/sftp/...
Are you using encryption:
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
Client configuration
Browser: Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
Operating system: Ubuntu 18.04
Logs
Browser log
Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
files:1:1
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2176
Nextcloud log
Browser log
Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
files:1:1
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2176
Steps to reproduce
Load the main nextcloud page. (i.e. All Files)
Expected behaviour
Page to load without errors in console.
Actual behaviour
Get this error in Firefox's web console: (Firefox 64 https://whatismybrowser.com/w/DSQGWHK)
Nb. this does not happen in Chromium.
Server configuration detail
Operating system: Linux 4.9.0-8-amd64 #1 SMP Debian 4.9.110-3+deb9u6 (2018-10-08) x86_64
Webserver: Apache/2.4.25 (Debian) (apache2handler)
Database: mysql 10.1.26
PHP version:
7.0.30-0+deb9u1
Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, apache2handler, mysqlnd, PDO, xml, bz2, calendar, ctype, curl, dom, mbstring, fileinfo, ftp, gd, gettext, iconv, json, exif, mcrypt, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, wddx, xmlreader, xmlwriter, xsl, zip, Zend OPcache, xdebug
Nextcloud version: 14.0.4 - 14.0.4.2
Updated from an older Nextcloud/ownCloud or fresh install:
Where did you install Nextcloud from: unknown
Signing status
Array
(
)
List of activated apps
Configuration (config/config.php)
Are you using external storage, if yes which one: local/smb/sftp/...
Are you using encryption:
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
Client configuration
Browser: Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0
Operating system: Ubuntu 18.04
Logs
Browser log
Nextcloud log
Browser log
Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
Content Security Policy: The page's settings blocked the loading of a resource at inline ("script-src").
files:1:1
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2176