Warnings and errors in Firefox console

[1ndahous3]

Steps to reproduce

1. Go to "Files" tab
2. Open browser console

Expected behaviour

No errors or warning in Firefox console

Actual behaviour

A few errors and warnings in Firefox console

Server configuration

Operating system: Debian Buster

Web server: Nginx/1.13.12

Database: 10.1.29-MariaDB-6+b1

PHP version: PHP 7.2.4-1+b2

Nextcloud version: 14.0.0 Beta 1

Updated from an older Nextcloud/ownCloud or fresh install: updated from 13.0.5

Signing status:

Signing status

No errors have been found.

List of activated apps:

App list

Enabled:
  - accessibility: 1.0.1
  - activity: 2.7.0
  - bookmarks: 0.11.0
  - bruteforcesettings: 1.1.0
  - calendar: 1.6.1
  - cloud_federation_api: 0.0.1
  - comments: 1.4.0
  - contacts: 2.1.5
  - dav: 1.6.0
  - federatedfilesharing: 1.4.0
  - federation: 1.4.0
  - files: 1.9.0
  - files_pdfviewer: 1.3.2
  - files_sharing: 1.6.2
  - files_texteditor: 2.6.0
  - files_trashbin: 1.4.1
  - files_versions: 1.7.1
  - files_videoplayer: 1.3.0
  - firstrunwizard: 2.3.0
  - gallery: 18.1.0
  - logreader: 2.0.0
  - lookup_server_connector: 1.2.0
  - mail: 0.8.3
  - nextcloud_announcements: 1.3.0
  - notifications: 2.2.1
  - oauth2: 1.2.1
  - ocsms: 1.13.1
  - password_policy: 1.4.0
  - phonetrack: 0.2.8
  - provisioning_api: 1.4.0
  - serverinfo: 1.4.0
  - sharebymail: 1.4.0
  - support: 1.0.0
  - survey_client: 1.2.0
  - systemtags: 1.4.0
  - theming: 1.5.0
  - twofactor_backupcodes: 1.3.0
  - updatenotification: 1.4.1
  - workflowengine: 1.4.0
Disabled:
  - admin_audit
  - checksum
  - encryption
  - files_external
  - groupfolders
  - metadata
  - spreed
  - tasks
  - user_external
  - user_ldap

Nextcloud configuration:

Config report

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": "***REMOVED SENSITIVE VALUE***",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "14.0.0.13",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "updater.release.channel": "beta",
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}

Are you using external storage, if yes which one: no

Are you using encryption: no

Are you using an external user-backend, if yes which one: no

Client configuration

Browser: 61.0.1 (64-bit)

Operating system: Debian Stretch

Logs

Nextcloud log (data/nextcloud.log)

Nextcloud log

Error | PHP | Undefined index: appstoreData at /var/www/nextcloud/settings/Controller/AppSettingsController.php#254
Error | PHP | Undefined index: classes at /var/www/nextcloud/apps/files/templates/appnavigation.php#67 | a few seconds ago
-- | -- | -- | --
Error | PHP | Undefined index: classes at /var/www/nextcloud/apps/files/templates/appnavigation.php#67 | a few seconds ago
Error | PHP | Undefined index: classes at /var/www/nextcloud/apps/files/templates/appnavigation.php#67 | a few seconds ago
Error | PHP | Undefined index: classes at /var/www/nextcloud/apps/files/templates/appnavigation.php#67 | a few seconds ago
Error | PHP | Invalid argument supplied for foreach() at /var/www/nextcloud/apps/files/lib/Controller/ViewController.php#177 | a few seconds ago
Error | PHP | count():  Parameter must be an array or an object that implements Countable at  /var/www/nextcloud/apps/files/lib/Controller/ViewController.php#169 | a few seconds ago
Error | core | Exception: Could not find category "_$!<Favorite>!$_" | a few seconds ago

Browser log

Browser log

Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
Content Security Policy: The page’s settings blocked the loading of a resource at self (“script-src”). Source: ;!function(){var t,e,n,o=0,u=function(t,.... files:1
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
Content Security Policy: The page’s settings blocked the loading of a resource at https://some.website/apps/files/ (“script-src”).
<script> source URI is not allowed in this document: “https://some.website/apps/notifications/js/notifications.js?v=91e7f44b-10”. files:53
unreachable code after return statement[Learn More] merged.js:1494:4
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2171
New search handler registered search.js:66:4
querying Whats New data was successful: nocontent merged-template-prepend.js:4455:4
undefined merged-template-prepend.js:4456:4
unreachable code after return statement[Learn More] merged.js:1494:4 

Screenshots:

[nextcloud-bot]

GitMate.io thinks possibly related issues are #9795 (Upgrade error), #5115 (Stable 12, user page, console warning), #6299 (Fatal Errors), #7202 (Gallery Error), and #5944 (Encryption error.).

[weeman1337]

In a standard installation I don't see these errors.

@R0maNNN is the system running under a different URL than https://some.website/? Do you open the system via http or https?

[1ndahous3]

@weeman1337 system is running under https://some.website/ URL. It was turned off for a while, but now it's up.

[weeman1337]

I don't get these errors.. Could somebody else also check?

[Schmuuu]

Hello,

I don't see the exact same messages, but there are indeed warnings:

Content Security Policy: Doppelte frame-src-Direktiven wurden entdeckt. Alle außer der ersten Instanz werden ignoriert.
Content Security Policy: Die Direktive 'child-src' sollte nicht mehr verwendet werden. Bitte verwenden Sie stattdessen die Direktive 'worker-src' zum Kontrollieren von Workern bzw. die Direktive 'frame-src' zum Kontrollieren von Frames.
JQMIGRATE: Migrate is installed, version 1.4.0 core.js:7:542
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf data:font/woff;base64,d09GRgABAAAAAKD5AB... blockiert ("font-src").
Missing plural form in language file merged-template-prepend.js:3748:4
window.controllers/Controllers sollte nicht mehr verwendet werden. Verwenden Sie es nicht für die Browser-Erkennung. merged.js:2171
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf self blockiert ("script-src"). Source: window.klTabId_kis = 'firefox.tab.90551a.... files:1
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf self blockiert ("script-src"). Source: document.currentScript.setAttribute("res.... files:1
Source-Map-Fehler: TypeError: NetworkError when attempting to fetch resource.
Ressourcen-Adresse: https://my.server.tld/apps/files_markdown/build/styles.css?v=9904a304-26
Source-Map-Adresse: styles.css.map[Weitere Informationen]
Source-Map-Fehler: TypeError: NetworkError when attempting to fetch resource.
Ressourcen-Adresse: https://my.server.tld/core/vendor/core.js?v=2e3105cf-26
Source-Map-Adresse: purify.min.js.map[Weitere Informationen]
Source-Map-Fehler: TypeError: NetworkError when attempting to fetch resource.
Ressourcen-Adresse: https://my.server.tld/apps/files_markdown/build/editor.js?v=2e3105cf-26
Source-Map-Adresse: editor.js.map[Weitere Informationen]
Source-Map-Fehler: TypeError: NetworkError when attempting to fetch resource.
Ressourcen-Adresse: https://my.server.tld/apps/dicomviewer/js/app.bundle.js?v=2e3105cf-26
Source-Map-Adresse: app.bundle.js.map[Weitere Informationen]

I only know about the blocked script "Source: window.klTabId_kis", that this is Kaspersky Internet Security trying to do some code injection to analyze the traffic and it's absolutely fine, that this is blocked.

Maybe the number and types of warnings depend on the installed and enabled NC apps.

[1ndahous3]

@Schmuuu, yes, you're right. The reason of error is LastPass extension. There is no errors in console when it disabled, but deprecation and warning alerts are still output:

Content Security Policy: Directive ‘child-src’ has been deprecated. Please use directive ‘worker-src’ to control workers, or directive ‘frame-src’ to control frames respectively.
...
unreachable code after return statement [Learn More] merged.js:1494:4
...
window.controllers/Controllers is deprecated. Do not use it for UA detection. merged.js:2176

[MorrisJobke]

but deprecation and warning alerts are still output:

Those are mainly there for developers. Just ignore them for now.

Thanks for the feedback and debugging this topic. I will close this ticket for now as it was caused by an browser extension.