Disable the Talk / Text url preview crawler to not leak info

for a heads up users searching “nextcloud crawler” - if you don’t like the urls you post in Talk crawled and avoid the info leak - add this to your config.php until implemented as Admin UI option


'reference_opengraph' => false,

and if you’re using nginx and want to skip the spinning wheel that cannot handle the false yet (25.0.5 / 26.0.0 beta), inside your nginx server block:

location = /ocs/v2.php/references/resolve {
  return 404;
1 Like

Has this changed? I swear changing reference_opengraph to false in the config used to work (I remember trying it), but I just now changed it from true to false and Nextcloud is still fetching link previews, at least in Nextcloud Talk chats. I also reloaded chats in my web browser, tried from mobile (Nextcloud Talk app), tried different links, even restarted the server. Nextcloud is running in Docker, in case that makes any difference. I don’t see link previews in Markdown text files because I am using custom CSS to disable those.

Related question: does Nextcloud Talk use the same server-side mechanism to fetch link previews?

Related posts & issues:

it works, but I see a deficiency in the access logs (server 27.0.2 spreed 17.1) the (I think) preview-service-worker.js still emits the get requests for all visible url previews to its own preview endpoint - even if disabled.

GET /ocs/v2.php/references/resolve?reference=https%3A%2F%2F...

the /resolve endpoint doesn’t reach out to the reference if it’s disabled and returns:

"ocs": {
  "meta": {
    "status": "ok",
    "statuscode": 200,
    "message": "OK"
  }, ..

that keeps PHP busy when it could do other things. I speculate the emitting takes place to resolve references it is allowed to resolve (polls, internal images?), but haven’t looked at code at all if that is the app logic

1 Like