Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Theming app causes not loading of ressource due to csp #19748

Closed
JUVOJustin opened this issue Mar 2, 2020 · 3 comments
Closed

Theming app causes not loading of ressource due to csp #19748

JUVOJustin opened this issue Mar 2, 2020 · 3 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug feature: theming needs info stale Ticket or PR with no recent activity

Comments

@JUVOJustin
Copy link

JUVOJustin commented Mar 2, 2020
edited
Loading

Steps to reproduce

1.Update to NC 18
2.Have Theming App activated

Expected behaviour

Render the normal user interface with all icons

Actual behaviour

Stylings and icons are missing.

Server configuration

Operating system:
Debian:9.12

Web server:
Nginx

Database:
MariaDB 10.2.17

PHP version:
7.3.15

Nextcloud version:
18.0.1

Updated from an older Nextcloud/ownCloud or fresh install:
Updated form Nextcloud 17.0.3

Where did you install Nextcloud from:

Signing status:

Signing status 
No errors have been found.

List of activated apps:

App list 
Enabled:
  - activity: 2.11.0
  - admin_audit: 1.8.0
  - bruteforcesettings: 1.5.0
  - calendar: 2.0.1
  - cloud_federation_api: 1.1.0
  - comments: 1.8.0
  - contacts: 3.2.0
  - dav: 1.14.0
  - federatedfilesharing: 1.8.0
  - federation: 1.8.0
  - files: 1.13.1
  - files_external: 1.9.0
  - files_pdfviewer: 1.7.0
  - files_rightclick: 0.15.2
  - files_sharing: 1.10.1
  - files_trashbin: 1.8.0
  - files_versions: 1.11.0
  - files_videoplayer: 1.7.0
  - groupfolders: 6.0.1
  - groupquota: 0.1.2
  - logreader: 2.3.0
  - lookup_server_connector: 1.6.0
  - mail: 1.1.3
  - nextcloud_announcements: 1.7.0
  - notifications: 2.6.0
  - oauth2: 1.6.0
  - password_policy: 1.8.0
  - photos: 1.0.0
  - previewgenerator: 2.2.0
  - privacy: 1.2.0
  - provisioning_api: 1.8.0
  - ransomware_protection: 1.6.0
  - recommendations: 0.6.0
  - serverinfo: 1.8.0
  - settings: 1.0.0
  - sharebymail: 1.8.0
  - systemtags: 1.8.0
  - terms_of_service: 1.4.0
  - text: 2.0.0
  - theming: 1.9.0
  - twofactor_backupcodes: 1.7.0
  - twofactor_totp: 4.1.2
  - updatenotification: 1.8.0
  - viewer: 1.2.0
  - workflowengine: 2.0.0
Disabled:
  - accessibility
  - encryption
  - firstrunwizard
  - ransomware_detection
  - support
  - survey_client
  - user_ldap

Nextcloud configuration:

Config report 
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.juvo-design.de"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "18.0.1.3",
        "overwrite.cli.url": "https:\/\/cloud.juvo-design.de",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "appcodechecker": true,
        "auth.bruteforce.protection.enabled": true,
        "installed": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "objectstore": {
            "class": "\\OC\\Files\\ObjectStore\\S3",
            "arguments": {
                "bucket": "juvo-cloud",
                "autocreate": false,
                "key": "***REMOVED SENSITIVE VALUE***",
                "secret": "***REMOVED SENSITIVE VALUE***",
                "hostname": "s3.eu-central-1.wasabisys.com",
                "port": 443,
                "use_ssl": true,
                "region": "eu-central-1",
                "use_path_style": false
            }
        },
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "updater.release.channel": "stable",
        "maintenance": false,
        "theme": "",
        "loglevel": 1,
        "trashbin_retention_obligation": "14,30",
        "versions_retention_obligation": "auto,30",
        "session_lifetime": 21600,
        "remember_login_cookie_lifetime": 43200,
        "session_keepalive": true,
        "default_language": "de",
        "default_locale": "de_DE",
        "skeletondirectory": "\/web\/nxskeleton",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "enable_previews": true,
        "preview_max_x": 2048,
        "preview_max_y": 2048,
        "preview_max_filesize_image": 50,
        "enabledPreviewProviders": [
            "OC\\Preview\\PNG",
            "OC\\Preview\\JPEG",
            "OC\\Preview\\GIF",
            "OC\\Preview\\HEIC",
            "OC\\Preview\\BMP",
            "OC\\Preview\\XBitmap",
            "OC\\Preview\\MP3",
            "OC\\Preview\\TXT",
            "OC\\Preview\\MarkDown"
        ],
        "simpleSignUpLink.shown": false
    }
}

Are you using external storage, if yes which one: local/smb/sftp/...
S3 Storage Wasabi

Are you using encryption:
No

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
No

Client configuration

Browser:
Firexfox, Chrome, Edge

Nextcloud log (data/nextcloud.log)

Nextcloud log 
{"reqId":"uEldZmUxUZQFCDHthCnV","level":2,"time":"2020-03-02T20:08:26+00:00","remoteAddr":"91.34.76.98","user":"Admin","app":"core","method":"GET","url":"/apps/files/","message":"Failed to compile and/or save /var/www/clients/client1/***/web/nextcloud/apps/activity/css/style.scss","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0","version":"18.0.1.3"}

Browser log

Browser log 
Content Security Policy: Die Einstellungen der Seite haben das Laden einer Ressource auf eval blockiert ("script-src").

The styling issues do not occur, when the theming app is disabled. After enabling it again, the error is back. Could be related to #17783
@JUVOJustin JUVOJustin added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Mar 2, 2020
@JUVOJustin JUVOJustin mentioned this issue Mar 13, 2020
Closed
@michel-thomas
Copy link

The same with NC 17.0.5 on only one instance I manage.

Disabling an reenabling Theming make it works again.

@szaimen
Copy link
Contributor

szaimen commented Jun 7, 2021

Is this Issue still valid in NC21.0.2? If not, please close this issue. Thanks! :)

@ghost
Copy link

ghost commented Jul 7, 2021

This issue has been automatically marked as stale because it has not had recent activity and seems to be missing some essential information. It will be closed if no further activity occurs. Thank you for your contributions.

@ghost ghost added the stale Ticket or PR with no recent activity label Jul 7, 2021
@ghost ghost closed this as completed Jul 21, 2021
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug feature: theming needs info stale Ticket or PR with no recent activity
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@nickvergessen @kesselb @michel-thomas @JUVOJustin @szaimen