LibreOfficeOnline proxy problems after upgrading to version 2.0.1

ℹ️ Support 📄 Collabora
1

Dear “Nextclouders”,

I have a problem after switching to “LOOLWSD 2.0.1”.

I do not use a docker variant. The “LOOLWSD” and “LIBREOFFICE” are built from the source code.

When using version 2.0.1, Apache proxy settings do not work anymore because I always get the following error message:

ERR  Unknown resource: /lool/https://{MYDOMAIN}/apps/richdocuments/wopi/files/2552%3Faccess_token={MYTOKEN}&access_token_ttl=0&permission=edit/ws| wsd/LOOLWSD.cpp:1223

…and the apache-log shows an gateway error (502):

 172.16.1.4 - - [23/Dec/2016:14:03:28 +0100] "GET /lool/https%3A%2F%2F{MYDOMAIN}%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F2551%3Faccess_token%3D{MYTOKEN}%26access_token_ttl%3D0%26permission%3Dedit/ws HTTP/1.1" 502 -

… when I leave the Nextcloud settings for “Collabora Online Server:” on https://{MYDOMAIN}

If I set the value so that “LOOLWSD” is directly addressed:

"Collabora Online Server: https://{MYDOMAIN}:9980"

Then everything works properly. But I have to open the firewall for this port. This is
Certainly not a big problem, but actually not meaningful and wanted, since the proxy rules have worked until the change to the new version of the “LOOLWSD”.

Here is the excerpt from the vhost-config of Apache:

...

####### PROXY GLOBALS ###################################################################
#
SSLProxyEngine On
ProxyVia On
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
AllowEncodedSlashes On
SSLProxyVerify None
SSLProxyCheckPeerCN Off
SSLProxyCheckPeerName Off

####### LOOLWSD #########################################################################
#
ProxyPass /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse /loleaflet https://127.0.0.1:9980/loleaflet

ProxyPass /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse /hosting/discovery https://127.0.0.1:9980/hosting/discovery

ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws

ProxyPass /lool/adminws wss://127.0.0.1:9980/lool/adminws

ProxyPass /lool https://127.0.0.1:9980/lool
ProxyPassReverse /lool https://127.0.0.1:9980/lool

...

If I go back to “LOOLWSD 1.9.0”, the Apache proxy rules will work again and I can
leave the Nextcloud settings for “Collabora Online Server:” on https://{MYDOMAIN}

…and the apache-log shows no error (200):

172.16.1.4 - - [23/Dec/2016:14:16:39 +0100] "GET /lool/https%253A%252F%252F{MYDOMAIN}%252Fapps%252Frichdocuments%252Fwopi%252Ffiles%252F12550%3Faccess_token%3D{MYTOKEN}%26permission%3Dedit/ws HTTP/1.1" 200 -

Does anyone have a similar problem or did I forget something when changing?

Thanks for your help!

2

i think i had the same problem just now.
solution found here: Collabora Online Development Edition (CODE) - Collabora Office and Collabora Online

ProxyPassMatch “/lool/(.*)/ws$” wss://127.0.0.1:9980/lool/$1/ws nocanon

3

It realy seems to be a problem with the canonicalisation of ProxyPassed URLs thru the apache webserver. The “nocanon” option seems to work like the “NE” flag in a apache RewriteRule.
My workaround until now were some RewriteRules in the webserver config. Like these after the proxy rules:

ProxyPass               /loleaflet https://127.0.0.1:9980/loleaflet retry=0
ProxyPassReverse        /loleaflet https://127.0.0.1:9980/loleaflet
ProxyPass               /hosting/discovery https://127.0.0.1:9980/hosting/discovery retry=0
ProxyPassReverse        /hosting/discovery https://127.0.0.1:9980/hosting/discovery
ProxyPassMatch          "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws
ProxyPass               /lool/adminws wss://127.0.0.1:9980/lool/adminws
ProxyPass               /lool https://127.0.0.1:9980/lool
ProxyPassReverse        /lool https://127.0.0.1:9980/lool

#########################################################################################

RewriteEngine on

RewriteCond %{HTTP:Upgrade} =websocket [NC]
RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
RewriteRule .? wss://127.0.0.1:9980/%1 [P,NE]

RewriteCond %{HTTP:Upgrade} !=websocket [NC]
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/?
RewriteCond %{REQUEST_URI} !^/?
RewriteCond %{REQUEST_URI} !^/favicon.*?
RewriteCond %{THE_REQUEST} "^[a-zA-Z]+ /(.*) HTTP/\d+(\.\d+)?$"
RewriteRule .? https://127.0.0.1:9980/%1 [P,NE]

But now it is better and shorter with the one option… :wink:

ProxyPassMatch "/lool/(.*)/ws$" wss://127.0.0.1:9980/lool/$1/ws nocanon

works for me too!

If I had read the Apache Module mod_proxy description exactly, I should have also come to the “nocanon” option. But ashes on my head … at collabora (https://www.collaboraoffice.com/code/) it has also taken quite a while until the parameter was specified … :wink:

But now I have a new problem: In any LibreOfficeOnline application, I can switch to the full screen mode. This is particularly noticeable in presentations, which are no longer displayed as full-screen presentations. Well … something is always … :wink:

Thanks!

4

glad i could help!

edit: there is a bug open for the "fullscreen problem"
see https://github.com/nextcloud/richdocuments/issues/13

5

Thank you a lot, it solve my problem :smiley:

6

Adding nocanon in /etc/apache2/sites-avaiable/office.conf also solved my problem after upgrading to the latest collabora docker image.

Thanks!!!

7

Thanks @sakla : adding nocanon worked for me as well !!

8

In my case, this change has solved the “FullScreen” problem:

Insert the allowfullscreen attribute

/apps/richdocuments/js/viewer/viewer.js …so around line 105

var $iframe = $('<iframe id="richdocumentsframe" style="width:100%;height:100%;display:block;position:absolute;top:0;" src="'+viewer+'" allowfullscreen/>');

A search for “allowfullscreen” should then output these two results:

grep -rnwi 'nextclouddir/apps/richdocuments/' -e "allowfullscreen"

nextclouddir/apps/richdocuments/js/documents.js:338:
var frame = '<iframe id="loleafletframe" name="loleafletframe" style="width:100%;height:100%;position:absolute;" allowfullscreen/>';

nextclouddir/apps/richdocuments/js/viewer/viewer.js:105:
var $iframe = $('<iframe id="richdocumentsframe" style="width:100%;height:100%;display:block;position:absolute;top:0;" src="'+viewer+'" allowfullscreen/>');
1 Like