Nextcloud version (eg, 20.0.5): 23.0.0
Operating system and version (eg, Ubuntu 20.04): Docker on Ubuntu 20.04
Apache or nginx version (eg, Apache 2.4.25): Docker image: nextcloud:23
PHP version (eg, 7.4): Docker image: nextcloud:23
The issue you are facing:
Unable to “flawlessly” login. I enter my login credentials, but then I seem to be stuck on the login page.
But when I enter the URL of my Nextcloud installation in another tab, I’m logged in and see the dashboard.
On the “stuck” tab, in the browser console, there’s the following error:
Refused to send form data to 'https://×××××.×××/login' because it violates the following Content Security Policy directive: "form-action 'self' https://×××××.×××".
(Instead of ×××××.×××
, there’s the real hostname.)
I found that I might solve this issue by changing lib/public/AppFramework/Http/ContentSecurityPolicy.php
and changing this array:
protected $allowedFormActionDomains = [
'\'self\'',
'https://×××××.×××/login',
'*.×××××.×××',
];
Didn’t change anything.
This does not happen with all browsers. Only with recent chromium based browsers (Brave, Vivaldi, Edge, Opera). Firefox 95 seems to ignore that.
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'htaccess.RewriteBase' => '/',
'memcache.local' => '\\OC\\Memcache\\APCu',
'apps_paths' =>
array (
0 =>
array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 =>
array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'instanceid' => 'ocp...',
'passwordsalt' => '...',
'secret' => '....',
'trusted_domains' =>
array (
0 => 'nc.5y5.one',
),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '23.0.0.10',
'overwrite.cli.url' => 'http://×××××××××××.×××',
'dbname' => 'nextcloud',
'dbhost' => 'db',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => '.....',
'installed' => true,
'objectstore' =>
array (
'class' => '\\OC\\Files\\ObjectStore\\S3',
'arguments' =>
array (
'bucket' => 'nc-...',
'key' => '.....',
'secret' => '.....',
'region' => 'eu-central-1',
'hostname' => 's3.eu-central-1.wasabisys.com',
'port' => '',
'objectPrefix' => 'urn:oid:',
'autocreate' => false,
'use_ssl' => true,
'use_path_style' => false,
'legacy_auth' => false,
),
),
'maintenance' => false,
'mail_smtpmode' => 'smtp',
'mail_smtphost' => 'mail.xyz',
'mail_sendmailmode' => 'smtp',
'mail_smtpport' => '465',
'mail_from_address' => 'senden',
'mail_domain' => 'foo',
'mail_smtpsecure' => 'ssl',
'mail_smtpauth' => 1,
'mail_smtpname' => 'foo',
'mail_smtppassword' => 'secret',
'twofactor_enforced' => 'false',
'twofactor_enforced_groups' =>
array (
),
'twofactor_enforced_excluded_groups' =>
array (
),
);