[Bug]: Nextcloud Assistant Window not opening in Chrome

[ascheurer-rts]

⚠️ This issue respects the following points: ⚠️

• [x] This is a bug, not a question or a configuration/webserver/proxy issue.
• [x] This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• [x] Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• [x] I agree to follow Nextcloud's Code of Conduct.

Bug description

Nextcloud version (eg, 29.0.5): 30.0.0 Operating system and version (eg, Ubuntu 24.04): Ubuntu 24.04 Apache or nginx version (eg, Apache 2.4.25): Apache/2.4.58 PHP version (eg, 8.3): PHP 8.3 Nextcloud is behind a NGINX reverse proxy on a different machine

Nextcloud Assistant not opening. No visible error message. Error only visable, when examin side code. Blocked by Content Security Policy.

Uncaught (in promise) SecurityError: Failed to construct ‘Worker’: Access to the script at ‘blob:https://xxx.xxx.de/8038e87c-c778-4502-943d-85b30b6bc8be’ is denied by the document’s Content Security Policy. at sF (ScheduledEmptyConten…chunk.mjs:33:104081) at ScheduledEmptyConten…chunk.mjs:33:110223

Issue dicribed by me here: https://help.nextcloud.com/t/nextcloud-assistant-blocked-by-content-security-policy/205977

Steps to reproduce

1. Fresh install Nextcloud 30 as LAMP stack
2. Install Nextcloud Assistant
3. Install OpenAI 6 LocalAI Integration
4. Try to open Nextcloud Assistant

Expected behavior

Nextcloud Assistant window should show up

Nextcloud Server version

30

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.3

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Fresh Nextcloud Server install

Are you using the Nextcloud Server Encryption module?

None

What user-backends are you using?

• [x] Default user-backend (database)
• [ ] LDAP/ Active Directory
• [ ] SSO - SAML
• [ ] Other

Configuration report

{ "system": { "instanceid": "REMOVED SENSITIVE VALUE", "passwordsalt": "REMOVED SENSITIVE VALUE", "secret": "REMOVED SENSITIVE VALUE", "trusted_domains": [ "cloud.lem-support.de", "192.168.33.2" ], "trustedproxies": "REMOVED SENSITIVE VALUE", "datadirectory": "REMOVED SENSITIVE VALUE", "dbtype": "mysql", "version": "30.0.0.14", "overwrite.cli.url": "https:\/\/cloud.lem-support.de", "overwriteprotocol": "https", "overwritehost": "cloud.lem-support.de", "dbname": "REMOVED SENSITIVE VALUE", "dbhost": "REMOVED SENSITIVE VALUE", "dbport": "", "dbtableprefix": "oc", "mysql.utf8mb4": true, "dbuser": "REMOVED SENSITIVE VALUE", "dbpassword": "REMOVED SENSITIVE VALUE", "installed": true, "maintenance": false, "maintenance_window_start": 3, "memcache.local": "\OC\Memcache\Redis", "memcache.locking": "\OC\Memcache\Redis", "filelocking.enabled": "true", "redis": { "host": "REMOVED SENSITIVE VALUE", "port": 0, "timeout": 0 }, "default_phone_region": "DE", "mail_smtpmode": "smtp", "mail_smtpsecure": "ssl", "mail_sendmailmode": "smtp", "mail_from_address": "REMOVED SENSITIVE VALUE", "mail_domain": "REMOVED SENSITIVE VALUE", "mail_smtpauthtype": "LOGIN", "mail_smtpauth": 1, "mail_smtphost": "REMOVED SENSITIVE VALUE", "mail_smtpport": "465", "mail_smtpname": "REMOVED SENSITIVE VALUE", "mail_smtppassword": "REMOVED SENSITIVE VALUE", "log_type": "file", "logfile": "\/var\/log\/nextcloud.log", "loglevel": "2", "log_rotate_size": "104857600", "memories.db.triggers.fcu": true, "memories.exiftool": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/exiftool-amd64-glibc", "memories.vod.path": "\/var\/www\/nextcloud\/apps\/memories\/bin-ext\/go-vod-amd64", "skeletondirectory": "", "memories.vod.ffmpeg": "\/usr\/bin\/ffmpeg", "memories.vod.ffprobe": "\/usr\/bin\/ffprobe" } }

List of activated Apps

Enabled:

• activity: 3.0.0
• assistant: 2.1.0
• bruteforcesettings: 3.0.0
• calendar: 5.0.0
• circles: 30.0.0-dev
• cloud_federation_api: 1.13.0
• comments: 1.20.1
• contacts: 6.1.0
• contactsinteraction: 1.11.0
• dashboard: 7.10.0
• dav: 1.31.1
• federatedfilesharing: 1.20.0
• federation: 1.20.0
• files: 2.2.0
• files_downloadlimit: 3.0.0
• files_external: 1.22.0
• files_pdfviewer: 3.0.0
• files_reminders: 1.3.0
• files_sharing: 1.22.0
• files_trashbin: 1.20.1
• files_versions: 1.23.0
• firstrunwizard: 3.0.0
• imageconverter: 2.0.4
• integration_openai: 3.1.2
• logreader: 3.0.0
• lookup_server_connector: 1.18.0
• mail: 4.0.1
• memories: 7.4.1
• nextcloud_announcements: 2.0.0
• notes: 4.11.0
• notifications: 3.0.0
• oauth2: 1.18.1
• onlyoffice: 9.4.0
• password_policy: 2.0.0
• photos: 3.0.2
• previewgenerator: 5.6.0
• privacy: 2.0.0
• provisioning_api: 1.20.0
• recognize: 8.1.0
• recommendations: 3.0.0
• related_resources: 1.5.0
• richdocumentscode: 24.4.702
• serverinfo: 2.0.0
• settings: 1.13.0
• sharebymail: 1.20.0
• support: 2.0.0
• systemtags: 1.20.0
• text: 4.1.0
• theming: 2.5.0
• twofactor_backupcodes: 1.19.0
• twofactor_nextcloud_notification: 4.0.0
• twofactor_totp: 12.0.0-dev
• updatenotification: 1.20.0
• user_status: 1.10.0
• viewer: 3.0.0
• weather_status: 1.10.0
• webhook_listeners: 1.1.0-dev
• whiteboard: 1.0.2
• workflowengine: 2.12.0 Disabled:
• admin_audit: 1.20.0
• encryption: 2.18.0
• fulltextsearch: 30.0.0 (installed 30.0.0)
• survey_client: 2.0.0 (installed 2.0.0)
• suspicious_login: 8.0.0
• user_ldap: 1.21.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

My solution was, to change the ContentSecurityPolicy.php /var/www/nextcloud/lib/public/AppFramework/Http Original:

    /** @var array Domains from which web-workers can be loaded */
    protected $allowedWorkerSrcDomains = [];

changed to

    /** @var array Domains from which web-workers can be loaded */
    protected $allowedWorkerSrcDomains = [
        '\'self\'', 
        'data:',
        'blob:',
    ];

[joshtrichards]

Duplicate of #138