Nextcloud version (eg, 29.0.5): 30.0.0
Operating system and version (eg, Ubuntu 24.04): Ubuntu 24.04
Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.58
PHP version (eg, 8.3): PHP 8.3
Nextcloud is behind a NGINX reverse proxy on a different machine
Nextcloud Assistant not opening. No visible error message.
Error only visable, when examin side code.
Blocked by Content Security Policy.
Uncaught (in promise) SecurityError: Failed to construct ‘Worker’: Access to the script at ‘blob:https://xxx.xxx.de/8038e87c-c778-4502-943d-85b30b6bc8be’ is denied by the document’s Content Security Policy.
at sF (ScheduledEmptyConten…chunk.mjs:33:104081)
at ScheduledEmptyConten…chunk.mjs:33:110223
⚠️ This issue respects the following points: ⚠️
Bug description
Nextcloud version (eg, 29.0.5): 30.0.0 Operating system and version (eg, Ubuntu 24.04): Ubuntu 24.04 Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.58 PHP version (eg, 8.3): PHP 8.3 Nextcloud is behind a NGINX reverse proxy on a different machine
Nextcloud Assistant not opening. No visible error message. Error only visable, when examin side code. Blocked by Content Security Policy.
Uncaught (in promise) SecurityError: Failed to construct ‘Worker’: Access to the script at ‘blob:https://xxx.xxx.de/8038e87c-c778-4502-943d-85b30b6bc8be’ is denied by the document’s Content Security Policy. at sF (ScheduledEmptyConten…chunk.mjs:33:104081) at ScheduledEmptyConten…chunk.mjs:33:110223
Issue dicribed by me here: https://help.nextcloud.com/t/nextcloud-assistant-blocked-by-content-security-policy/205977
Steps to reproduce
Expected behavior
Nextcloud Assistant window should show up
Nextcloud Server version
30
Operating system
Debian/Ubuntu
PHP engine version
PHP 8.3
Web server
Apache (supported)
Database engine version
MariaDB
Is this bug present after an update or on a fresh install?
Fresh Nextcloud Server install
Are you using the Nextcloud Server Encryption module?
None
What user-backends are you using?
Configuration report
{ "system": { "instanceid": "REMOVED SENSITIVE VALUE", "passwordsalt": "REMOVED SENSITIVE VALUE", "secret": "REMOVED SENSITIVE VALUE", "trusted_domains": [ "cloud.lem-support.de", "192.168.33.2" ], "trustedproxies": "REMOVED SENSITIVE VALUE", "datadirectory": "REMOVED SENSITIVE VALUE", "dbtype": "mysql", "version": "30.0.0.14", "overwrite.cli.url": "https:\/\/cloud.lem-support.de", "overwriteprotocol": "https", "overwritehost": "cloud.lem-support.de", "dbname": "REMOVED SENSITIVE VALUE", "dbhost": "REMOVED SENSITIVE VALUE", "dbport": "", "dbtableprefix": "oc", "mysql.utf8mb4": true, "dbuser": "REMOVED SENSITIVE VALUE", "dbpassword": "REMOVED SENSITIVE VALUE", "installed": true, "maintenance": false, "maintenance_window_start": 3, "memcache.local": "\OC\Memcache\Redis", "memcache.locking": "\OC\Memcache\Redis", "filelocking.enabled": "true", "redis": { "host": "REMOVED SENSITIVE VALUE", "port": 0, "timeout": 0 }, "default_phone_region": "DE", "mail_smtpmode": "smtp", "mail_smtpsecure": "ssl", "mail_sendmailmode": "smtp", "mail_from_address": "REMOVED SENSITIVE VALUE", "mail_domain": "REMOVED SENSITIVE VALUE", "mail_smtpauthtype": "LOGIN", "mail_smtpauth": 1, "mail_smtphost": "REMOVED SENSITIVE VALUE", "mail_smtpport": "465", "mail_smtpname": "REMOVED SENSITIVE VALUE", "mail_smtppassword": "REMOVED SENSITIVE VALUE", "log_type": "file", "logfile": "\/var\/log\/nextcloud.log", "loglevel": "2", "log_rotate_size": "104857600", "memories.db.triggers.fcu": true, "memories.exiftool": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/exiftool-amd64-glibc", "memories.vod.path": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/go-vod-amd64", "skeletondirectory": "", "memories.vod.ffmpeg": "\/usr\/bin\/ffmpeg", "memories.vod.ffprobe": "\/usr\/bin\/ffprobe" } }
List of activated Apps
Enabled:
Nextcloud Signing status
No errors have been found.
Nextcloud Logs
No response
Additional info
My solution was, to change the ContentSecurityPolicy.php
/var/www/nextcloud/lib/public/AppFramework/Http
Original:changed to