Question regarding “Content-Security-Policy”

Antwan · November 19, 2016, 7:04am

Hello,

I have setup ownCloud both on a shared hosting and on a private server and what I would like is to add a iframe to the public download page.

I’ve editted …/apps/files_sharing/templates/public.php to add my iframe code for my facebook page, but it stays white and doesn’t load.

Chrome console states the following:
Refused to frame ‘[FB LINK HERE]’ because it violates the following Content Security Policy directive: “frame-src ‘self’”.

tflidd · November 22, 2016, 9:28am

owncloud-forum is here: https://central.owncloud.org

But at the moment you can only completely remove the CSP-headers from the code by hand. There was a topic recently on the owncloud forum (solution for NC would be the same).

Antwan · November 22, 2016, 11:57am

Ooops… I meant NextCloud, I just upgraded when I made the post