Support intro
Sorry to hear you’re facing problems
help.nextcloud.com is for home/non-enterprise users. If you’re running a business, paid support can be accessed via portal.nextcloud.com where we can ensure your business keeps running smoothly.
In order to help you as quickly as possible, before clicking Create Topic please provide as much of the below as you can. Feel free to use a pastebin service for logs, otherwise either indent short log examples with four spaces:
example
Or for longer, use three backticks above and below the code snippet:
longer
example
here
Some or all of the below information will be requested if it isn’t supplied; for fastest response please provide as much as you can
Nextcloud version (eg, 20.0.5): 22.0.0
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04.1 LTS
Apache or nginx version (eg, Apache 2.4.25): 2.4.41
PHP version (eg, 7.4): 7.3.28
The issue you are facing:
I want to embed my nextcloud installation in a trusted iFrame on another domain of mine. While basic embedding works by editting the $allowedFrameAncestors variable in the ContentSecurityPolicy.php file, I just get a login screen presented. It does do a server request / loading icon for a bit but then just refreshes the page back to the login page. Presumably this is caused by cookies not being handled well over/within the iframe.
Most if not all hits you get searching on this are about security headers not including the domain you want to embed from. But that isn’t the issue as I get the Nextcloud login screen. I just would like to be able to actually login or use some kind of single sign on so I can for example share a Deck board.
Is this the first time you’ve seen this error? (N):
Steps to replicate it:
<iframe width='1000' height='600' frameborder='0' src='https://a.com/index.php/s/HX3tJJm3d2yneiW'></iframe>
-
Make sure domain b.com is added to the $allowedFrameAncestors array in /lib/public/AppFramework/Http/ContentSecurityPolicy.php
-
Try to view the page (should succeed) and login using existing credentials (should fail).
The output of your Nextcloud log in Admin > Logging:
none
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
$CONFIG = array (
'instanceid' => '518439h4893f3jf28db',
'passwordsalt' => 'blablablablabla',
'datadirectory' => '/yoda/cloudstore/data/',
'dbtype' => 'mysql',
'version' => '22.0.0.11',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'dbpassword' => 'blablabalbalbalbla',
'overwritewebroot' => '/',
'installed' => true,
'forcessl' => true,
'maintenance' => false,
'trashbin_retention_obligation' => 'auto,90',
'preview_libreoffice_path' => '/usr/bin/libreoffice',
'theme' => '',
'default_phone_region' => 'NL',
'has_internet_connection' => true,
'check_for_working_webdav' => true,
'check_for_working_htaccess' => true,
'memcache.local' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'filelocking.enabled' => true,
'redis' =>
array (
'host' => '/var/run/redis/redis-server.sock',
'port' => 0,
'timeout' => 0,
'dbindex' => 0,
),
'trusted_proxies' =>
array (
0 => '127.0.0.1',
1 => '::1',
2 => '192.168.100.6',
3 => 'a.com',
),
'trusted_domains' =>
array (
0 => 'a.com',
1 => 'b.com',
2 => 'collabora.a.com',
),
'mail_from_address' => 'fromMe',
'mail_smtpmode' => 'smtp',
'mail_domain' => 'a.com',
'secret' => 'whowthisissecret7',
'asset-pipeline.enabled' => true,
'preview_max_scale_factor' => 1,
'forceSSLforSubdomains' => true,
'app.mail.imaplog.enabled' => true,
'loglevel' => 2,
'log_type' => 'file',
'appstore.experimental.enabled' => true,
'overwrite.cli.url' => 'https://a.com',
'mail_smtpauthtype' => 'LOGIN',
'mail_smtphost' => 'localhost',
'mail_smtpport' => '25',
'data-fingerprint' => 'ncjdsncjkdsnckjndk',
'mysql.utf8mb4' => true,
'updater.release.channel' => 'beta',
'twofactor_enforced' => 'false',
'twofactor_enforced_groups' =>
array (
),
'twofactor_enforced_excluded_groups' =>
array (
),
'app_install_overwrite' =>
array (
0 => 'keeweb',
),
'app.mail.verify-tls-peer' => false,
'updater.secret' => 'looksSecret10183',
);
The output of your Apache/nginx/system log in /var/log/____
:
can;t see any relevant logging...