Nextcloud version : 17.0.4
Operating system and version: Debian buster
PHP version (eg, 7.1): 7.3
Is this the first time you’ve seen this error? (Y/N): yes, after upgrade
I have issue related to logon problems: “Refused to send form data to ‘http://redacted/’ because it violates the following Content Security Policy directive: “form-action ‘self’”.”
I have read all topics related to this issue (here and on github) and i couldn’t find solution.
In nextcloud config i have:
'overwrite.cli.url' => 'https://redacted', 'overwritehost' => 'redacted', 'overwriteprotocol' => 'https', 'overwritewebroot' => '/', 'overwritecondaddr' => '^redacted_reverse_proxy_ip$',
My configuration looks like this:
VM Apache2 reverseproxy > VM backend virtual host with nextcloud (also apache2)
On backend in apache2.conf i have such configuration:
This lines help me to see remote client ip, logs are sended back via remote syslog to reverse proxy to parse it using fail2ban tool. On backend server i have also some other virtual hosts (not only nextcloud).
When line “RemoteIPHeader X-Forwarded-For” is deleted everything works great, no loggon issue, but with it i have error mentioned above. I cant delete: “RemoteIPHeader X-Forwarded-For” cause instead of remote clients ip i have only reverseproxy ip so its useless for fail2ban.
Any idea how i can solve this?