Issue with trusted domains while running the example

[max-tet]

I am attempting to run the example exactly like suggested in the Readme. However, the trusted_domains security feature of ownCloud seems to prevent it from working.

Fistly, I cannot access ownCloud at all after starting. I added

    environment:
      - OWNCLOUD_TRUSTED_DOMAINS=localhost

to the docker-compose.yml and that helped. I was under the impression that localhost ist trusted by default.

But then, opening documents in OnlyOffice does not work. It fails with "Download Failed".

In the log, I see errors like this:

onlyoffice-document-server  | [2022-11-08T08:08:10.739] [ERROR] [localhost] [conv_3048841145_jpeg] [userId] nodeJS - error downloadFile:url=http://nginx-server/apps/onlyoffice/download?doc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJkb3dubG9hZCIsImZpbGVJZCI6MTUsInVzZXJJZCI6ImFkbWluIn0.Xts--kEsipbC1Db_ibBx-t_Pd1GYF9ITs0RprOgtUpE;attempt=1;code:undefined;connect:undefined Error: Error response: statusCode:400; headers:{"server":"nginx/1.23.2","date":"Tue, 08 Nov 2022 08:08:10 GMT","content-type":"text/html; charset=UTF-8","content-length":"6764","connection":"keep-alive","x-content-type-options":"nosniff","x-xss-protection":"0","x-robots-tag":"none","x-frame-options":"SAMEORIGIN","x-download-options":"noopen","x-permitted-cross-domain-policies":"none","set-cookie":["ocpjuaeyq9a1=kggiu4g2m853166ohvfe6msc0h; path=/; HttpOnly; SameSite=Strict","oc_sessionPassphrase=cXZ7D34qIbi1f14BPjH8fHmgQnunNmWnMolB3dvavLF7jaw4xnpGIgzxQuCvpNIThhzoQJyLHFx40mXnLAJbVJ4qVV7HMOmbqJ3yAXkyxpBplXZ%2BH7uH70LHncnvTcTN; expires=Tue, 08-Nov-2022 08:28:10 GMT; Max-Age=1200; path=/; HttpOnly; SameSite=Strict"],"expires":"Thu, 19 Nov 1981 08:52:00 GMT","cache-control":"no-store, no-cache, must-revalidate","pragma":"no-cache","content-security-policy":"default-src 'self'; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *","status":"400 Bad Request"};

and this:

app-server                  | 172.21.0.3 - - [08/Nov/2022:08:08:10 +0000] "GET /apps/onlyoffice/download?doc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJkb3dubG9hZCIsImZpbGVJZCI6MTUsInVzZXJJZCI6ImFkbWluIn0.Xts--kEsipbC1Db_ibBx-t_Pd1GYF9ITs0RprOgtUpE HTTP/1.0" 400 7773 "-" "Node.js/6.13"

I suspect that the problem is again the trusted domains setting. I tried the download from my browser (http://localhost/apps/onlyoffice/download?doc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJkb3dubG9hZCIsImZpbGVJZCI6MTUsInVzZXJJZCI6ImFkbWluIn0.Xts--kEsipbC1Db_ibBx-t_Pd1GYF9ITs0RprOgtUpE) and that was successful, I got the file. Then I tried the download from within the OnlyOffice container using curl -v http://app-server:8080/apps/onlyoffice/download?doc=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhY3Rpb24iOiJkb3dubG9hZCIsImZpbGVJZCI6MTUsInVzZXJJZCI6ImFkbWluIn0.Xts--kEsipbC1Db_ibBx-t_Pd1GYF9ITs0RprOgtUpE. It failed with error 400 and I am getting the page containing "You are accessing the server from an untrusted domain.".

So, now I tried adding the name of the OnlyOffice container to the trusted domains like this:

    environment:
      - OWNCLOUD_TRUSTED_DOMAINS=localhost,onlyoffice-document-server

Unfortunately, that made no difference, same errors.

Now I don't know how to proceed. Any help would be appreciated!

[sieira]

Well, you just made my day.

Make sure you trust all domains are they are specified in your docker network. It worked in my case using

OWNCLOUD_TRUSTED_DOMAINS=(my web domain),owncloud,nginx-server,onlyoffice