search

CollaboraOnline / richdocumentscode

Built-in CODE Server app
https://apps.nextcloud.com/apps/richdocumentscode
Apache License 2.0
117 stars 27 forks source link

richdocuments isn't running in HTTPS mode #282

Open purejosh opened 2 weeks ago

purejosh commented 2 weeks ago

Hello. I'm getting the following error (in the browser console) after installing the built-in CODE server, which happens whenever I try to open a document or spreadsheet: 

Mixed Content: The page at 'https://cloud.mydomain.com/apps/files/files/1267?dir=/&openfile=true' was loaded over HTTPS, but requested an insecure resource 'http://cloud.mydomain.com/custom_apps/richdocumentscode/proxy.php?req=/browser/ca2ed20/cool.html?WOPISrc=https%3A%2F%2Fcloud.mydomain.com%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F1267_oclx7cmhqv9y&title=%2FNew%20document.odt&lang=en&closebutton=1&revisionhistory=1'. This request has been blocked; the content must be served over HTTPS.

This is also accompanied by other errors, and the following screenshot is what shows in the web page:

Refused to send form data to 'http://cloud.mydomain.com/custom_apps/richdocumentscode/proxy.php?req=/browser/ca2ed20/cool.html?WOPISrc=https%3A%2F%2Fcloud.mydomain.com%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F1267_oclx7cmhqv9y&title=%2FNew%20document.odt&lang=en&closebutton=1&revisionhistory=1' because it violates the following Content Security Policy directive: "form-action 'self' https://cloud.mydomain.com".

image Document loading failed Failed to load Nextcloud Office - please try again later

So, if I'm understanding this correctly, the built-in CODE isn't running in HTTPS mode, and because my site is running in HTTPS, it errors out. How can I force richdocuments' built-in CODE server to run in HTTPS?

galandilias commented 6 days ago

I am experiencing the same - some debuging at my end:

coolwsd.log

wsd-21988-21988 2024-09-23 21:25:22.062301 +0200 [ coolwsd ] INF  SSL support: SSL is disabled.| wsd/COOLWSD.cpp:2519
wsd-21988-21988 2024-09-23 21:25:22.062309 +0200 [ coolwsd ] INF  SSL support: termination is disabled.| wsd/COOLWSD.cpp:2520

Pretty disturbing because up to my understanding (and collabora proxy configuration documentation) either of above should be set to true...

and same file but output filtered by ERR and FTL:

host /tmp/coolwsd.tuLXHxPQ5Q # tail -n500 coolwsd.log | grep -e ERR -e FTL
wsd-21988-21988 2024-09-23 21:25:22.065891 +0200 [ coolwsd ] ERR  Failed to bind-mount [/tmp/coolwsd.tuLXHxPQ5Q/systemplate/] -> [/tmp/coolwsd.tuLXHxPQ5Q/jails/21988-0c0300ad/cool_test_mount]| common/JailUtil.cpp:156
wsd-21988-21988 2024-09-23 21:25:22.065904 +0200 [ coolwsd ] ERR  Bind-Mounting fails and will be disabled for this run. To disable permanently set mount_jail_tree config entry in coolwsd.xml to false.| common/JailUtil.cpp:451
frk-21999-21999 2024-09-23 21:25:22.980574 +0200 [ coolforkit-ns ] ERR  Security: Running without the capability to enter a chroot jail is ill advised.| kit/ForKit.cpp:737
frk-21999-21999 2024-09-23 21:25:22.980583 +0200 [ coolforkit-ns ] ERR  Security: Running without the ability to filter system calls is ill advised.| kit/ForKit.cpp:744
frk-21999-21999 2024-09-23 21:25:22.983073 +0200 [ coolforkit-ns ] FTL  Failed to load /tmp/appimage_extracted_5391669c29c12ee24f8c51f02e3288d7/opt/collaboraoffice/program/libmergedlo.so:
frk-21999-21999 2024-09-23 21:25:22.983091 +0200 [ coolforkit-ns ] FTL  Failed to preinit lokit.| kit/ForKit.cpp:789
frk-21999-21999 2024-09-23 21:25:22.983104 +0200 [ coolforkit-ns ] FTL  Forced Exit with code: 70| common/Util.cpp:822