Hi, I’m wondering if I have a configuration issue or if I have found a bug here.
When visiting a shareable link for an audio file, the file will not play. Instead, you get a content security policy error. See here: https://nextcloud.tuckerm.us/s/Bae4GGg72wHqa59. Note the CSP error in the browser console because the source of the file is over HTTP, not HTTPS.
This does not happen with video files, like here: https://nextcloud.tuckerm.us/s/4ZPn9Wga4BqF3Cc. The video source is over HTTPS, and the video plays.
That is on a brand new Nextcloud install using the docker-compose file found here: https://github.com/nextcloud/docker/tree/master/.examples/docker-compose/with-nginx-proxy/mariadb-cron-redis/fpm. I didn’t make any other configuration changes.
At first I thought this could be fixed by changing a base URL somewhere, but the fact that it’s only with
<audio> tags, and not
<video> ones, makes me think that those are getting their src URLs from different places, and that it’s a bug with embedding audio.
Nextcloud version: 18.0.3
Ubuntu version: 18.04
Nginx version (web container): 1.17.9
Nginx version (proxy container): 1.17.6