Good morning,
I am a bit concerned that my app configuration is available to a public user in source. At the top of my login page I am getting app variables displaying in source showing anonymous people potentially all my config, versions and apps running in next cloud etc. When I view source I see this sort of stuff:
var oc_debug=false;
var oc_isadmin=false;
var oc_dataURL=false;
var oc_webroot="/sandbox";
var oc_appswebroots={“activity”:"/sandbox/apps/activity",“comments”:"/sandbox/apps/comments",“dav”:"/sandbox/apps/dav", … etc
Is there a way to hide this from NC source? I am guessing I have some config somewhere in my config.php that I can modify to adjust this?
Any advice would be greatly appreciated. I’m running two version of NC. V11 and V12. Same issue on both.
Regards,
Col
Sorry to hear you’re facing problems
If you’re urgently looking for support to keep your business running, consider checking out our paid support options.
In order to help you as quickly as possible, before clicking Create Topic please provide as much of the following as you can (you can cut and paste this into your topic):
Nextcloud version (eg, 10.0.2):
Operating system and version (eg, Ubuntu 16.04):
Apache or nginx version (eg, Apache 2.4.25):
PHP version (eg, 5.6):
Is this the first time you’ve seen this error?:
Can you reliably replicate it? (If so, please outline steps):
The issue you are facing:
The output of your Nextcloud log in Admin > Logging:
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
The output of your Apache/nginx/system log in /var/log/____
:
Remember, this information may be requested if it isn’t supplied; for fastest response please provide as much as you can Feel free to use a pastebin service, otherwise log files can be indented with 4 spaces on each line to present them in a friendlier way on the forum.