How to update authorized domains in Content Security Policy for Nextcloud snap

So I found this blogpost explaining that you need to modify $allowedFrameAncestors in the /lib/public/AppFramework/Http/ContentSecurityPolicy.php to allow other domains to embed your nextcloud.

However, mine is installed as snap, so this file is read only.

  • Is there a way to modify the domains allowed by modifying /var/snap/nextcloud/current/nextcloud/config/config.php which is as far as I know the only file writable with snap (please correct me)?
  • If no, how can I turn the image in a writable way just to modify this and then put it readonly again? Would that modification survive a snap update?


Note that editing PHP files will cause integrity errors in a traditional installation (and as you mention, such a thing is impossible in the snap), so such measures should never be considered an actual solution. This should be exposed in a configuration setting, somewhere.