How to change CSP to access websocket in custom plugin

💻 Development app dev
1

Hello everyone,

I’m currently developing my first plugin using lscr.io/linuxserver/nextcloud:latest and I need to use a websocket to communicate with another app on my pc, but I encounter some issues that I tracked to Content Security Policy configuration.
Here is the error list when I’m trying to execute my communication script
image
If anyone has an idea on how to fix this, I would appreciate it.
Thanks for reading !

2

You can set the CSP headers accordingly by means of setContentSecurityPolicy, getContentSecurityPolicy, and addAllowedWorkerSrcDomain on the template that shows the main HTML page.

I hope this is only for debugging otherwise you will need to add appropriate configuration entries.

3

Thank you for your answer, but I need the solution to be more global.
I edited the default.conf file in config>nginx>site-confs>default.conf and added add_header Content-Security-Policy "connect-src ws://172.20.0.1:8080 ws: 'self' ;" always; below other headers. I still struggle to make my websocket work, and receive these messages:

image
image937×62 6.25 KB

And the error is as follows

Erreur

filesplugin.js?v=b054923d-0:27 Error encountered: Event {isTrusted: true, type: 'error', target: WebSocket, currentTarget: WebSocket, eventPhase: 2, …}isTrusted: truebubbles: falsecancelBubble: falsecancelable: falsecomposed: falsecurrentTarget: WebSocket {url: 'ws://172.20.0.1:8080/ws', readyState: 3, bufferedAmount: 0, onopen: ƒ, onerror: ƒ, …}defaultPrevented: falseeventPhase: 0returnValue: truesrcElement: WebSocket {url: 'ws://172.20.0.1:8080/ws', readyState: 3, bufferedAmount: 0, onopen: ƒ, onerror: ƒ, …}target: WebSocket {url: 'ws://172.20.0.1:8080/ws', readyState: 3, bufferedAmount: 0, onopen: ƒ, onerror: ƒ, …}timeStamp: 46886.29999999888type: "error"[[Prototype]]: Event

4

What do you mean by more global? Which routes should be affected? Am I guessing right that you try to incorporate the complete NC frontend?

Do you mean in the NC folder? I doubt that this config is read anywhere unless you import/include it in your main host’s config. Just to be sure, is the header updated accordingly as you expect it?

Finally, if you do not write a bit more of context it is rather hard to guess what you mean and need. Are you creating your own app or trying something differently?