Nextcloud not working on chrome (js issues, headers wont load)

ℹ️ Support
1

Nextcloud version 13.0.6)
Operating system Ubuntu server 18.04
Apache or nginx version apache2
PHP version 7.2

The issue you are facing: Nothing is working on chrome (only on IE)

Is this the first time you’ve seen this error? Y

Steps to replicate it:

  1. Install nextcloud

The output of your Nextcloud log in Admin > Logging:

Litterly nothing

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'instanceid' => '<iid>',
  'passwordsalt' => '<pass>',
  'secret' => '<secret>',
  'trusted_domains' => 
  array (
    0 => '<mydomain>',
    1 => '<myip>',
  ),
  'datadirectory' => '/var/www/html/data',
  'overwrite.cli.url' => '<mysite>',
  'dbtype' => 'mysql',
  'version' => '13.0.6.1',
  'dbname' => 'nextcloud',
  'dbhost' => '<db_host>',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_roy1',
  'dbpassword' => '<dbpass>',
  'installed' => true,
  'updater.secret' => '<sec>',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
);

The output of your Apache/nginx/system log in /var/log/____: (wasnt able to access this so I posted my chrome console errors)

Refused to load the script 'https://amp.cloudflare.com/viewer/rtv/011-4-71/amp-viewer.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'".

login:1 Refused to load the script 'https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'".

22Refused to load the font '<URL>' because it violates the following Content Security Policy directive: "font-src 'self'".

[Intervention] Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cloud.royzonneveld.nl/core/fonts/OpenSans-Light.woff
[Intervention] Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://cloud.royzonneveld.nl/core/fonts/OpenSans-Semibold.woff
2

Hi,

I can reach and see the login site of your server with Firefox as well. Can’t check if your server would work after login obviously.
However, I receive the same message in the browser debug console about the script, but that shouldn’t stop the whole NC site from working.

Refused to load the script 'https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval'"

Where are these scripts coming from anyway? They are not shipped with NC actually.
If you bound these scripts yourself to the server, you need to make sure that your CSP (content security policy) allows these scripts as script source as stated in the browser debug message.

2 Likes
3

Oh wow! I feel kinda dumb right now, that script is from cloudflare rocketloader, its supposed to clean up pages with javascript. Completely forgot about that. I turned it off and everything works now! Thanks man!

2 Likes
4

Hello, I know its a bit late now, but can you please elaborate? I’m a beginner and I have no idea what cloudflare rocketloader is and how to disable it. Thank you.