search

nextcloud / server

☁️ Nextcloud server, a safe home for all your data
https://nextcloud.com
GNU Affero General Public License v3.0
26.76k stars 4k forks source link

[Bug]: v28 - Your webserver does not serve `.mjs` files using the JavaScript MIME type... #42989

Closed rchaconmolero closed 7 months ago

rchaconmolero commented 8 months ago

⚠️ This issue respects the following points: ⚠️

Bug description

After upgrade from 28.0.1 to 28.0.2 RC1 appears in security and setup warning page: There are some errors regarding your setup. Your webserver does not serve .mjs files using the JavaScript MIME type. This will break some apps by preventing browsers from executing the JavaScript files. You should configure your webserver to serve .mjs files with either the text/javascript or application/javascript MIME type.

Steps to reproduce

  1. Upgrade vie Web GUI.
  2. No error in upgrade process.
  3. There are some errors regarding your setup. Your webserver does not serve .mjs files using the JavaScript MIME type. This will break some apps by preventing browsers from executing the JavaScript files. You should configure your webserver to serve .mjs files with either the text/javascript or application/javascript MIME type.

Expected behavior

No messages about "Your webserver does not serve .mjs files using the JavaScript MIME type."

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

None

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

Configuration report

# sudo -u www-data php /var/www/nextcloud/occ config:list system
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "next01d.canal-sur.interno"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.2.0",
        "overwrite.cli.url": "https:\/\/next01d.canal-sur.interno\/",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "filelocking.enabled": "true",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 1.5
        },
        "default_phone_region": "ES",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpauth": 1,
        "mail_smtpauthtype": "LOGIN",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpdebug": true,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpstreamoptions": {
            "ssl": {
                "verify_peer": false,
                "verify_peer_name": false
            }
        },
        "htaccess.RewriteBase": "\/",
        "updater.release.channel": "beta",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "twofactor_enforced": "false",
        "twofactor_enforced_groups": [],
        "twofactor_enforced_excluded_groups": [],
        "app_install_overwrite": [
            "twofactor_admin"
        ],
        "logfile": "\/var\/log\/nextcloud\/nextcloud.log",
        "logtimezone": "Europe\/Madrid",
        "log.condition": {
            "apps": [
                "admin_audit"
            ]
        },
        "logfile_audit": "\/var\/log\/nextcloud\/nextcloud.log",
        "trashbin_retention_obligation": "auto, 7",
        "versions_retention_obligation": "auto, 7",
        "allow_user_to_change_display_name": false,
        "activity_expire_days": 1,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "ldapUserCleanupInterval": 30,
        "session_lifetime": 86400,
        "remember_login_cookie_lifetime": "0",
        "session_keepalive": "false",
        "preview_max_x": 1024,
        "preview_max_y": 768,
        "preview_max_scale_factor": 1,
        "updater.secret": "***REMOVED SENSITIVE VALUE***",
        "maintenance_window_start": 17
    }
}

List of activated Apps

# sudo -u www-data php /var/www/nextcloud/occ app:list
Enabled:
  - activity: 2.20.0
  - admin_audit: 1.18.0
  - bruteforcesettings: 2.8.0
  - circles: 28.0.0-dev
  - cloud_federation_api: 1.11.0
  - comments: 1.18.0
  - contacts: 5.5.1
  - contactsinteraction: 1.9.0
  - dashboard: 7.8.0
  - dav: 1.29.1
  - federatedfilesharing: 1.18.0
  - federation: 1.18.0
  - files: 2.0.0
  - files_accesscontrol: 1.18.0
  - files_automatedtagging: 1.18.0
  - files_external: 1.20.0
  - files_pdfviewer: 2.9.0
  - files_reminders: 1.1.0
  - files_sharing: 1.20.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - groupfolders: 16.0.3
  - impersonate: 1.15.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - nextcloud_announcements: 1.17.0
  - notifications: 2.16.0
  - oauth2: 1.16.3
  - onlyoffice: 9.0.0
  - password_policy: 1.18.0
  - photos: 2.4.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - recommendations: 2.0.0
  - related_resources: 1.3.0
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - sharebymail: 1.18.0
  - support: 1.11.0
  - survey_client: 1.16.0
  - systemtags: 1.18.0
  - text: 3.9.1
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - updatenotification: 1.18.0
  - user_ldap: 1.19.0
  - user_status: 1.8.1
  - viewer: 2.2.0
  - workflowengine: 2.10.0
Disabled:
  - encryption: 2.16.0
  - files_retention: 1.16.0 (installed 1.16.0)
  - files_rightclick: 0.15.1 (installed 1.6.0)
  - firstrunwizard: 2.17.0 (installed 2.16.0)
  - suspicious_login: 6.0.0
  - twofactor_totp: 10.0.0-beta.2 (installed 8.0.0-alpha.0)
  - weather_status: 1.8.0 (installed 1.6.0)

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

No response

joshtrichards commented 8 months ago

Are you saying you know with certainty the test should pass in your environment?

Can you confirm things that require mjs are fully functioning:

rchaconmolero commented 8 months ago

Yes. Activity and logging show current logs entries.

log Activity

solracsf commented 8 months ago

What is the output of:

curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs

susnux commented 8 months ago

@rchaconmolero this would be interesting because what that test does is testing to access your instance and check the returned mime type. Meaning if your server can not resolve its own host name it will fail here.

What is the output of:

curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs

Also it would be really helpful if you could set the logging level to debug and send the logfile or at least search the log for an entry like the following and send that entry if it exists:

Can not connect to local server for checking JavaScript modules support

joshtrichards commented 8 months ago

Meaning if your server can not resolve its own host name it will fail here.

Specifically*: At least one of Nextcloud's configured trusted_domains must be accessible (via its URL) from the Nextcloud app server itself.

*Or at least that's my take from my first read though of this recently added code

rchaconmolero commented 8 months ago

In Chrome or webserver, URL --> "https://next01d.canal-sur.interno/apps/settings/js/esm-test.mjs"

/**

export default 'Hello'

.- The output to the command

# curl -I https://next01d.canal-sur.interno/apps/settings/js/esm-test.mjs HTTP/2 200
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jan 2024 10:43:51 GMT
etag: "6d-60f5e45bc0776"
accept-ranges: bytes
content-length: 109
vary: Accept-Encoding
cache-control: max-age=15778463
content-type: text/javascript
date: Sun, 21 Jan 2024 05:27:03 GMT
server: Apache
pandusen commented 8 months ago

I can confirm the same issue, after update: 28.0.1 to 28.0.2 RC1

My output from curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs :

HTTP/1.1 200 OK
Date: Sun, 21 Jan 2024 11:11:18 GMT
Server: Apache/2.4.57 (AlmaLinux) OpenSSL/3.0.7
Strict-Transport-Security: max-age=63072000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Upgrade: h2
Connection: Upgrade
Last-Modified: Sun, 21 Jan 2024 07:11:10 GMT
ETag: "6d-60f6f6af88f68"
Accept-Ranges: bytes
Content-Length: 109
Cache-Control: max-age=15778463
Content-Type: text/javascript
solracsf commented 8 months ago

For those with the problem, can you please:

Also it would be really helpful if you could set the logging level to debug and send the logfile here, or at least, search the log for an entry like the following and send that complete entry if it exists:

Can not connect to local server for checking JavaScript modules support

pandusen commented 8 months ago

I am simultaneously also have the "Could not load log entries" error. Currently investigating. Edit: Above was a ublock issue.

Yes, my log contains this entry:

LocalServerExceptionCould not detect any host Can not connect to local server for checking JavaScript modules support

Also has this Entry: LocalServerException Host violates local access rules Can not connect to local server for checking JavaScript modules support

solracsf commented 8 months ago

@pandusen can you post the full RAW stack trace from the log reader app about Can not connect to local server for checking JavaScript modules support?

image

pandusen commented 8 months ago

Sure (I have replaced fqdn and username.)

Could not detect any host:

{
  "reqId": "Za0hieI4tzKF-QVLu1D6wwAA1iE",
  "level": 0,
  "time": "2024-01-21T13:52:11+00:00",
  "remoteAddr": "192.168.0.30",
  "user": "user",
  "app": "settings",
  "method": "GET",
  "url": "/index.php/settings/ajax/checksetup",
  "message": "Can not connect to local server for checking JavaScript modules support",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "OCP\\Http\\Client\\LocalServerException",
    "Message": "Could not detect any host",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
        "line": 260,
        "function": "preventLocalAddress",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/SetupChecks/JavaScriptModules.php",
        "line": 67,
        "function": "head",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/SetupCheck/SetupCheckManager.php",
        "line": 49,
        "function": "run",
        "class": "OCA\\Settings\\SetupChecks\\JavaScriptModules",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/Controller/CheckSetupController.php",
        "line": 303,
        "function": "runAll",
        "class": "OC\\SetupCheck\\SetupCheckManager",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 230,
        "function": "check",
        "class": "OCA\\Settings\\Controller\\CheckSetupController",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 137,
        "function": "executeController",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/App.php",
        "line": 184,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Route/Router.php",
        "line": 315,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::"
      },
      {
        "file": "/var/www/html/nextcloud/lib/base.php",
        "line": 1069,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/index.php",
        "line": 39,
        "function": "handleRequest",
        "class": "OC",
        "type": "::"
      }
    ],
    "File": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
    "Line": 192,
    "message": "Can not connect to local server for checking JavaScript modules support",
    "exception": [],
    "url": "cloud.nextcloud.tld/apps/settings/js/esm-test.mjs",
    "CustomMessage": "Can not connect to local server for checking JavaScript modules support"
  },
  "id": "65ad22baddbdd"
}

Host violates local access rules:

{
  "reqId": "Za0hieI4tzKF-QVLu1D6wwAA1iE",
  "level": 0,
  "time": "2024-01-21T13:52:11+00:00",
  "remoteAddr": "192.168.0.30",
  "user": "user",
  "app": "settings",
  "method": "GET",
  "url": "/index.php/settings/ajax/checksetup",
  "message": "Can not connect to local server for checking JavaScript modules support",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "OCP\\Http\\Client\\LocalServerException",
    "Message": "Host violates local access rules",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php",
        "line": 35,
        "function": "OC\\Http\\Client\\{closure}",
        "class": "OC\\Http\\Client\\DnsPinMiddleware",
        "type": "->",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
        "line": 31,
        "function": "__invoke",
        "class": "GuzzleHttp\\PrepareBodyMiddleware",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php",
        "line": 71,
        "function": "GuzzleHttp\\{closure}",
        "class": "GuzzleHttp\\Middleware",
        "type": "::",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
        "line": 63,
        "function": "__invoke",
        "class": "GuzzleHttp\\RedirectMiddleware",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php",
        "line": 75,
        "function": "GuzzleHttp\\{closure}",
        "class": "GuzzleHttp\\Middleware",
        "type": "::",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 331,
        "function": "__invoke",
        "class": "GuzzleHttp\\HandlerStack",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 168,
        "function": "transfer",
        "class": "GuzzleHttp\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 187,
        "function": "requestAsync",
        "class": "GuzzleHttp\\Client",
        "type": "->",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
        "line": 261,
        "function": "request",
        "class": "GuzzleHttp\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/SetupChecks/JavaScriptModules.php",
        "line": 67,
        "function": "head",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/SetupCheck/SetupCheckManager.php",
        "line": 49,
        "function": "run",
        "class": "OCA\\Settings\\SetupChecks\\JavaScriptModules",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/Controller/CheckSetupController.php",
        "line": 303,
        "function": "runAll",
        "class": "OC\\SetupCheck\\SetupCheckManager",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 230,
        "function": "check",
        "class": "OCA\\Settings\\Controller\\CheckSetupController",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 137,
        "function": "executeController",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/App.php",
        "line": 184,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Route/Router.php",
        "line": 315,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::"
      },
      {
        "file": "/var/www/html/nextcloud/lib/base.php",
        "line": 1069,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/index.php",
        "line": 39,
        "function": "handleRequest",
        "class": "OC",
        "type": "::"
      }
    ],
    "File": "/var/www/html/nextcloud/lib/private/Http/Client/DnsPinMiddleware.php",
    "Line": 150,
    "message": "Can not connect to local server for checking JavaScript modules support",
    "exception": [],
    "url": "https://cloud.nextcloud.tld/apps/settings/js/esm-test.mjs",
    "CustomMessage": "Can not connect to local server for checking JavaScript modules support"
  },
  "id": "65ad22badfee9"
}
rchaconmolero commented 8 months ago

{"reqId":"gyjwFmfci2qcrrnrMlA6","level":0,"time":"2024-01-21T15:24:40+01:00","remoteAddr":"10.236.138.4","user":"adminnext","app":"settings","method":"GET","url":"/settings/ajax/checksetup","message":"Can not connect to local server for checking JavaScript modules support","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0","version":"28.0.2.0","exception":{"Exception":"OCP\Http\Client\LocalServerException","Message":"Could not detect any host","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Http/Client/Client.php","line":260,"function":"preventLocalAddress","class":"OC\Http\Client\Client","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/SetupChecks/JavaScriptModules.php","line":67,"function":"head","class":"OC\Http\Client\Client","type":"->"},{"file":"/var/www/nextcloud/lib/private/SetupCheck/SetupCheckManager.php","line":49,"function":"run","class":"OCA\Settings\SetupChecks\JavaScriptModules","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/CheckSetupController.php","line":303,"function":"runAll","class":"OC\SetupCheck\SetupCheckManager","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"check","class":"OCA\Settings\Controller\CheckSetupController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\AppFramework\Http\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\AppFramework\Http\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\AppFramework\App","type":"::"},{"file":"/var/www/nextcloud/lib/base.php","line":1069,"function":"match","class":"OC\Route\Router","type":"->"},{"file":"/var/www/nextcloud/index.php","line":39,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/Http/Client/Client.php","Line":192,"message":"Can not connect to local server for checking JavaScript modules support","exception":[],"url":"next01d.canal-sur.interno/apps/settings/js/esm-test.mjs","CustomMessage":"Can not connect to local server for checking JavaScript modules support"},"id":"65ad296c9a981"}

solracsf commented 8 months ago

@susnux should we add a

'nextcloud' => ['allow_local_address' => true]

to the httpClient params?

https://github.com/nextcloud/server/blob/1612d025cf21ac0ae70327c46dd59be66c096627/apps/settings/lib/SetupChecks/JavaScriptModules.php#L67

susnux commented 8 months ago

@susnux should we add a

'nextcloud' => ['allow_local_address' => true]

to the httpClient params?

https://github.com/nextcloud/server/blob/1612d025cf21ac0ae70327c46dd59be66c096627/apps/settings/lib/SetupChecks/JavaScriptModules.php#L67

Yes! I wonder why it did work when I tested it. This will probably resolve this issue!

solracsf commented 8 months ago

@pandusen please try https://github.com/nextcloud/server/pull/42999 and report back if possible.

rchaconmolero commented 8 months ago

In my case, with 'allow_local_address' => true, in config.php does not resolve the problem.

scttstrck commented 8 months ago

Same here. The output of curl shows it being returned as content-type: text/javascript , however I still get the error show. Adding allow_local_address to the config.php does not change anything.

solracsf commented 8 months ago

Have you all tried the PR, or just edited the config.php file?

scttstrck commented 8 months ago

I did both. I edited line 67 in apps/settings/lib/SetupChecks/JavaScriptModules.php , which was then formatted into multiple lines, and I added line 78.

susnux commented 8 months ago

I did both. I edited line 67 in apps/settings/lib/SetupChecks/JavaScriptModules.php , which was then formatted into multiple lines, and I added line 78.

Can you please look at your log and send the log message?

Also it would be really helpful if you could set the logging level to debug and send the logfile here, or at least, search the log for an entry like the following and send that complete entry if it exists:

Can not connect to local server for checking JavaScript modules support

As this should now be a different one

solracsf commented 8 months ago

Ok I'm out of ideas here, and I can't reproduce the error on my test instances 😭 

curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs

But, as long as the Content-Type returned by the above comand is either application/javascript or text/javascript, this warning/error is purely cosmetic and everything works as expected 👍

pandusen commented 8 months ago

The PR by it selv, cleared the error in the Nextcloud dashboard. Adding the line in config.php, makes no difference. For good measure i copied the edited loop from my JavaScriptModeules.php, in case i mistyped, and just broke the checking function.

foreach ($testURLs as $testURL) {
            try {
                $client = $this->clientService->newClient();
                $response = $client->head($testURL, [
                    'connect_timeout' => 10,
                    'nextcloud' => [
                        'allow_local_address' => true,
                    ],
                ]);
                if (preg_match('/(text|application)\/javascript/i', $response->getHeader('Content-Type'))) {
                    return SetupResult::success();
                }
            } catch (\Throwable $e) {
                $this->logger->debug('Can not connect to local server for checking JavaScript modules support', ['exception' => $e, 'url' => $testURL]);
                return SetupResult::warning($this->l10n->t('Could not check for JavaScript support. Please check manually if your webserver serves `.mjs` files using the JavaScript MIME type.'));
            }
        }
        return SetupResult::error($this->l10n->t('Blablabla'));
susnux commented 8 months ago

@pandusen so I understand it correctly, if using the code from the pull request the error is gone?

pandusen commented 8 months ago

@susnux Yes, in my instance, the error is gone after updating the code. It is neither in Dashboard or Logfile at Debug level. (Seemingly, I dont even have to add anything to the Nextcloud config.php)

susnux commented 8 months ago

ok thank you :)

theoriginalguy commented 7 months ago

After upgrading to 28.02 RC3 I noticed that there is no support for self-signed certificates and the behavior is to leave an unclear-able warning message:

"Could not check for JavaScript support. Please check manually if your webserver serves .mjs files using the JavaScript MIME type."

Can you add a flag in the JavaScriptModeules.php to support self-signed certificates? Something like: 'nextcloud' => 'allow_local_address' => true, 'ignore_ssl_certificate' => true, ],

OR

'nextcloud' => 'allow_local_address' => true, 'allow_self_signed_certs' => true, ],

WechuTM commented 7 months ago

After upgrading to 28.02 RC3 I noticed that there is no support for self-signed certificates and the behavior is to leave an unclear-able warning message:

"Could not check for JavaScript support. Please check manually if your webserver serves .mjs files using the JavaScript MIME type."

Can you add a flag in the JavaScriptModeules.php to support self-signed certificates? Something like: 'nextcloud' => 'allow_local_address' => true, 'ignore_ssl_certificate' => true, ],

OR

'nextcloud' => 'allow_local_address' => true, 'allow_self_signed_certs' => true, ],

@theoriginalguy I think this is a good solution. In RC4 version the problem still occurs

susnux commented 7 months ago

After upgrading to 28.02 RC3 I noticed that there is no support for self-signed certificates and the behavior is to leave an unclear-able warning message:

Different issue, handled in https://github.com/nextcloud/server/issues/43153

peternormann commented 7 months ago

For those that experience this issue and use nginx as reverse proxy:

I had the same issue and tested with esm-test.mjs command above:

$ curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs
HTTP/2 200 
server: nginx
date: Thu, 01 Feb 2024 14:19:31 GMT
content-type: application/octet-stream
content-length: 109
last-modified: Thu, 01 Feb 2024 08:37:38 GMT
etag: "65bb5852-6d"
strict-transport-security: max-age=63072000; includeSubDomains;  preload
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
accept-ranges: bytes

Noting that the content-type is application/octet-stream being my default mime-type for extensions, nginx obviously doesn't have the '.mjs' extension in the mime.types file.

I fixed the issue by adding the .mjs extension to nginx.conf like this: 

http {
    ...

    include /etc/nginx/mime.types;

    types {
        application/javascript mjs;
    }

    default_type application/octet-stream;

    ...
}

Credits: https://github.com/storybookjs/storybook/issues/20157#issuecomment-1500456820

cpu2910 commented 7 months ago

For those that experience this issue and use nginx as reverse proxy:

I had the same issue and tested with esm-test.mjs command above:

$ curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs
HTTP/2 200 
server: nginx
date: Thu, 01 Feb 2024 14:19:31 GMT
content-type: application/octet-stream
content-length: 109
last-modified: Thu, 01 Feb 2024 08:37:38 GMT
etag: "65bb5852-6d"
strict-transport-security: max-age=63072000; includeSubDomains;  preload
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
accept-ranges: bytes

Noting that the content-type is application/octet-stream being my default mime-type for extensions, nginx obviously doesn't have the '.mjs' extension in the mime.types file.

I fixed the issue by adding the .mjs extension to nginx.conf like this:

http {
  ...

  include /etc/nginx/mime.types;

  types {
      application/javascript mjs;
  }

  default_type application/octet-stream;

  ...
}

Credits: storybookjs/storybook#20157 (comment)

After fixing the mime-type issue as described above, my nginx still won't deliver .mjs correctly.

In the /etc/nginx/sites-enabled/your-vhost.conf I had to add mjs also: Look for this and add mjs to location:

# Adding the cache control header for js, css and map files
    # Make sure it is BELOW the PHP block
    location ~ \.(?:css|mjs|js|woff2?|svg|gif|map|png|jpg|ico)$ {
joshtrichards commented 7 months ago

Both changes are also fully covered in the Admin Manual:

https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html

Dubbeldrank commented 7 months ago

For those that experience this issue and use nginx as reverse proxy: I had the same issue and tested with esm-test.mjs command above:

$ curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs
HTTP/2 200 
server: nginx
date: Thu, 01 Feb 2024 14:19:31 GMT
content-type: application/octet-stream
content-length: 109
last-modified: Thu, 01 Feb 2024 08:37:38 GMT
etag: "65bb5852-6d"
strict-transport-security: max-age=63072000; includeSubDomains;  preload
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
accept-ranges: bytes

Noting that the content-type is application/octet-stream being my default mime-type for extensions, nginx obviously doesn't have the '.mjs' extension in the mime.types file. I fixed the issue by adding the .mjs extension to nginx.conf like this:

http {
    ...

    include /etc/nginx/mime.types;

    types {
        application/javascript mjs;
    }

    default_type application/octet-stream;

    ...
}

Credits: storybookjs/storybook#20157 (comment)

After fixing the mime-type issue as described above, my nginx still won't deliver .mjs correctly.

In the /etc/nginx/sites-enabled/your-vhost.conf I had to add mjs also: Look for this and add mjs to location:

# Adding the cache control header for js, css and map files
    # Make sure it is BELOW the PHP block
    location ~ \.(?:css|mjs|js|woff2?|svg|gif|map|png|jpg|ico)$ {

I applied these changed to my mime.types file and vhost and the error was gone. Thanks!

cowanmax commented 7 months ago

Many thanks for this solution. I have the same case in nginx. I added: application/javascript mjs; in /etc/nginx/mime.types and in vhost config: location ~ \.(?:css|mjs|js|svg|gif|png|jpg|ico|wasm|tflite|map)

hardingt commented 7 months ago

Same issue here I don't use nginx My Activities feed and Logs work fine

I've tried with 'allow_local_address' => true into the config.php and no luck, going to remove it

FWIW:

Screenshot 2024-02-02 at 9 23 19 AM Screenshot 2024-02-02 at 9 22 31 AM

and

me@me ~ % curl -I https://mydomain/apps/settings/js/esm-test.mjs
HTTP/1.1 200 OK
Date: Fri, 02 Feb 2024 14:26:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 02 Feb 2024 13:55:53 GMT
ETag: "6d-6106678759834"
Accept-Ranges: bytes
Content-Length: 109
Cache-Control: max-age=15778463
Content-Type: text/javascript
hardingt commented 7 months ago

Should I make a new bug report @susnux , it looks like this one is closed (I admit I didn't notice this when I commented)

joshtrichards commented 7 months ago

@hardingt Not sure your installation environment, but what happens when you run that curl command from the Nextcloud app container/server itself?

susnux commented 7 months ago

@hardingt are you running 28.0.2? If not please update as the fixes are included in that version. If you use self signed certificates you would have to wait for 28.0.3 and just ignore the warning.

hardingt commented 7 months ago

Running 28.0.2, it's when I first noticed the issue (I upgraded just this morning)

I'm not sure how to run the curl command from the app server itself, when I do it just hangs, is there a specific path I should be using instead of https://mydomain/apps/settings/js/esm-test.mjs?

root@nextcloud:/var/www/nextcloud/config# curl -I https://mydomain/apps/settings/js/esm-test.mjs

I usually cancel it after 30 seconds.

susnux commented 7 months ago

Maybe try -v flag to show where it hangs?

Also you might need the index.php/ part within the URL, depending on the configuration of your server?

You could also enable debug log level ('loglevel' => 0) and post the log entry from the failed setup check.

Aaron-von-Awesome commented 7 months ago

Also getting this error after updating from 28.0.1 to 28.0.2

vasyugan commented 7 months ago

I was hit by this after upgrading NC 27.6 to 28.2

I've solved this for me by modifying the file /etc/nginx/mime.type, changing the line

application/javascript js; to application/javascript js mjs;

If a change to the webserver config is required, then there should be instructions to to so

joshtrichards commented 7 months ago

@vasyugan

If a change to the webserver config is required, then there should be instructions to to so

There are. See the Admin Manual. :-) The nginx config in the manual for the last two major releases includes it and it was also noted in the first release that required it in the release notes section of the Admin Manual. It's been required since NC27, but impacts more things in NC28 so a lot of folks didn't notice until now. :-)

hardingt commented 7 months ago

@joshtrichards I see it here:

image

and here

image

but both reference nginx, many of us aren't using nginx it seems from the logs posted here.

@susnux I'll take a look tomorrow with the suggestions you given. My guess is that my dns isn't set up to redirect my domain name to local host, and I'm not savvy enough to know what setting that up would do to the SSL cert:

curl: (60) SSL: no alternative certificate subject name matches target host name 'localhost'

I'll see about turning on the debug log.

joshtrichards commented 7 months ago

@hardingt

but both reference nginx, many of us aren't using nginx it seems from the logs posted here.

It's irrelevant for Apache since we provide an updated .htaccess with each release. And we don't provide configs for any other web servers.

hendricksond commented 7 months ago

I'm using apache. After updating to 28.0.2 today I'm getting the error:

Could not check for JavaScript support. Please check manually if your webserver serves `.mjs` files using the JavaScript MIME type.

Output of curl -I https://DOMAIN/apps/settings/js/esm-test.mjs:

HTTP/1.1 200 OK
Date: Fri, 02 Feb 2024 18:57:01 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 01 Feb 2024 09:37:38 GMT
ETag: "6d-6104ebefcdc80"
Accept-Ranges: bytes
Content-Length: 109
Vary: Accept-Encoding
Cache-Control: max-age=15778463
Content-Type: text/javascript
spiezmaestro commented 7 months ago

I was having the same issue with 28.0.2 on Apache. I used to connect to Apache directly, but have now pfSense in front of it. It appeared, that the certificate on Apache expired (did not notice as I connect via pfSense and ignore cert issues from the backend). This was however causing issues with the check for .mjs. After updating the certificate, the error was gone.

susnux commented 7 months ago

If a change to the webserver config is required, then there should be instructions to to so

As Josh already mentioned, this is in the Admin manual since Nextcloud 27.

Please see here for the self-signed certificate issue: https://github.com/nextcloud/server/issues/43153

susnux commented 7 months ago

HELP, I am also affected by this

  1. Please make sure you are not using self signed certificates and your certificates are not expired. If you use self signed certificates either:
  2. Make sure you can connect from your web server to your web server, meaning if you have custom DNS then your server must be able to resolve its domain name (one of the trusted_domains).
  3. If you use NGinx please read the current admin documentation on how to add .mjs support.
  4. You can safely ignore the warning if curl -I https://DOMAIN/apps/settings/js/esm-test.mjs shows content type text/javascript
  5. If 4 affects you, then please provide information, at least include the log messages from nextcloud.log when setting loglevel to 0.
BurtGummer commented 7 months ago

You can safely ignore the warning if curl -I https://DOMAIN/apps/settings/js/esm-test.mjs shows content type text/javascript

I have the same problem and curl shows "content type text/javascript", but I hate ignoring warnings, if this warning is so insignificant, there should be an option to hide this warning and still get the green tick.

MortRainey commented 7 months ago

Why is this closed? Its not resolved? I Have tryed every tip here and nothing works. Letsencrypt Cert, nginx and nginx as Reverse Proxy.

i don't know why, but i have two instances and one of them has this warning. The other not.