Well obviously if you need to edit office files like odt or docx or if you work with spreadsheets you need some kind of office application. If you only use Netxloud for personal files and notes, you might get away with the built in Text app.
Another question would be whether you really need all this in your browser. If not, you could use Libere Office on your desktop instead. But then again if your rarly use the browser apps anyways, this nag screen wouldn’t be that big of an issue, wouldn’t it…
We use nextcloud to coordinate a few things in a local club with ~10 Users. If it was just me I would just use libreoffice local, but editing documents online is kind of mandatory nowadays.
Even if I would just use it once a month, OpenSource Projects which turn like this just give me bad vibes. After the bad move from OnlyOffice most folks went to Collabora, started contributing, opening github issues, and over the years Collabora became a good working solution. Back than it was not really usable. And now, since its a good working solution, they change it to nagware with the possibility to even track users.
Seems like there are no real options out there, except moving back to OnlyOffice which works great, they also made a bad move with disabling mobile editing, but at least no nagware …
I have to strongly agree with @erfus here. When I host Nextcloud with Collabora myself, I don’t want my browser to connect to third parties like rating.collaboraonline.com. My Cloud. My defaults. I do not want this tracking in my personal cloud.
The problem with that, at least for me, is that when I use it, I use it mostly on mobile. Because when I’m at my desktop I use Libre Office But I get your point. And no there are not much real alternatives out there, if any at all…
On the other hand, one must also take into account that maintaining an office suite is not exactly a small task and these companies must earn money somehow. I mean if it were easy there would be tons of alternatives out there, right? After all Collabora is based on Libre Office Online and that’s completely open source. So why not just take that and maintain something similiar yourself…?
I took a brief look at the source but I wasn’t able to find it yet.
But the Comment on github seems to be right. What I did was, I shared a document on my cloud and opened the shared document in private browser which will make the welcome screen appear.
And sure enough, in the network console of the browser debug mode there are connections to rating.collaboraonline.com:
//edit: It even gets worse. Since its loading the entire welcome.html and other js files, this would be a possibility to inject malware on all CODE instances if the collabora host gets compromised. This is a big no-no.
But maybe it is not all bad that they do it this way… Because we could probably just block rating.collabora.com in the browser with uBlock Origin or network wide via DNS blocker and the nag screen wouldn’t appear at all anymore…?
Yeah I agree they shouldn’t do this in the first place… But the only possible soultion I see in the long term is when the Nextcloud GmbH and / or the community would develop and maintain their own office solution based on Libre Office Online. Otherwise we will always be dependent on the decisions of a third party company.
Yes. But in my opinion, this is exactly the behavior that contradicts the requirements for a Nextcloud. With a self-hosted Nextcloud under my control, I only want communication between my clients and my Nextcloud and that only via TLS due to insecure networks. Third parties or even unencrypted connections have NOTHING to do there.
Perhaps Nextcloud should consider whether it can or wants to support this type of application at all. I think NOT. But what the heck. It’s just a little uncertain Why accept these beginnings? Because you have to, like Microsoft etc.? In my opinion it contradicts my ideas of an own self-controlled cloud.
I agree. But we are using a third party product here. And if they decide to go this route, they can do that. You can disagree you can try to reason with them but at the end of the day it’s their product and their descission.
No but it should be declaered in the description. The Nextcloud App store should probably have a similiar system like F-Droid has and cleary tell it’s users, when an app relys on third party services, uses non FOSS components etc…
Because the Nextcloud GmbH doesn’t have the rescources to develop and maintain a similiar product on their own… And they cannot force Collabora to remove it if they don’t want to…
Why was the post from mmeeks marked as “Soulution”? Who did this? I never marked his post as Solution since its clearly not a solution. @mmeeks We are not assuming here, you just give us no headroom to argue that this is JUST bad. If it would have been in good interest you would have removed it immediately and listen to the community which supported your project for years. Your post is not a solution, whoever marked this as a “Solution”.
I have to agree with @devnull , Nextcloud should consider stepping in here. This is a huge security risk and could offset quite a few users. I hate how the collabora team tries to argue this in the Github issue, this is clearly a bad decision. They argue that they don’t want large enterprises freeload FOSS which I can completely understand and support! But their move is clearly targeting small private users, when big companies want to freeload foss they just would compile their own image (since they just changed it to a compile time option). I don’t know what the goal is here. Collabora got HUGE support from the Nextcloud Project and Nextcloud Community, and now they change it to nagware with the possibility to inject code?
I don’t trust this project anymore. It is really sad after all the good things that happend the last years. Collabora would probably still fly under the radar without the support from Nextcloud. They have clearly not learned from the mistakes OnlyOffice made. Using great Opensource Projects to boost your company and then remove features, change it to nagware, but remote injecting code is a new dimension here.
Regarding the post from @bb77 blocking rating.collaboraonline.com blocking by DNS filtering would only work in company environments, and I have to agree with collabora here, companies should just buy their licenses. Actually ublock origin in chrome blocks the nag screen by default.
But sadly this does not work for the majority of “just a few friends and family” projects like mine. Also I don’t think that we should try to mitigate bad project decisions on the client side.