Collabora Online: HTTP iframe

Hey there,

I’m currently running Nextcloud 13 and am trying to set up the Collabora Online integration. I already have an instance of Collabora Online that’s running fairly well on my server behind a HTTPS reverse proxy (while Collabora Online itself also serves with HTTPS).

My issue is that, although SSL seems to be correctly configured on Collabora Online, and I entered the HTTPS URL in the admin settings, when trying to open an ODT file in Nextcloud, it fails because of it apparently trying to load the Collabora Online GUI using HTTP rather than HTTPS (so it gets blocked by the browser).

More precisely, the related error I see in the browser’s console is

Content Security Policy: The page’s settings blocked the loading of a resource at http://[...]/loleaflet/0adc773/loleaflet.html?WOPISrc=https%3A%2F%2F[...]%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F10373_ocamtej0nfw2&title=[...].odt&lang=fr&closebutton=1&revisionhistory=1 (“frame-src”).

What puzzles me the most is that all this is happening while curling https://[...]/hosting/discovery gets me a document containing only HTTPS URLs. I know these URLs are generated using the origin of my request, but then I really can’t see where the HTTP URL comes from.

Would anyone have a clue on what to do in order to fix this issue?


For the record, I still don’t know why errors regarding HTTP iframes were appearing, but I did manage to configure my web server to make Collabora Online work, I detailed everything at