Sharing not available / visible anymore in WebApp

Hi everyone,

since upgrading from the last version of NC 13 to current 14.0.x i’m having problems with sharing. Sometimes on some clients (Win/Mac/…) i have the sharing options but most of the time i’m not having them. The Buttons etc. not visible. Sharing with the iOS or Win/Ubuntu/Mac Clients works fine.

I’ve found out that it’s a kind of error in combination with the Content-Security-Policy and Caching or something. But i’ve not found a working solution. Also i’d tried to reinstall the whole nextcloud and nothing worked. It’s a brand new server (Ubuntu 18.04, Apache 2.4.x mpm_event + http2 + mod_headers + mod_env …, PHP 7.2 FPM, APCu, sqlite) based on the docs of nextcloud.

The Nextcloud logs are empty on loglevel 2…

My NC config.php and Apache VHOST looks like this…

	<VirtualHost *:80>
	  DocumentRoot /var/www/nextcloud/public_html
	  ServerName mystorage.mydomain.com

	  CustomLog /var/log/apache2/access-nextcloud.log combined
	  ErrorLog /var/log/apache2/error-nextcloud.log

	  ServerAlias next23.de
	  Redirect permanent / https://mystorage.mydomain.com/
	</VirtualHost>
	<VirtualHost *:443>
	  DocumentRoot /var/www/nextcloud/public_html
	  ServerName mystorage.mydomain.com
	  
	  <IfModule http2_module>
		ProtocolsHonorOrder On
		Protocols h2 http/1.1
		#Protocols h2 h2c http/1.1
		#H2Direct on
	  </IfModule>
	  
	  CustomLog /var/log/apache2/access-nextcloud.log combined
	  ErrorLog /var/log/apache2/error-nextcloud.log
	  
	  SSLEngine on
	  SSLProtocol             all -SSLv2 -SSLv3
	  SSLCipherSuite          ECDHE-RSA-...
	  SSLHonorCipherOrder     on
	  SSLCompression          off
	  #Header edit Set-Cookie (?i)^(.*)(;\s*secure)??((\s*;)?(.*)) "$1; Secure$3$4"
	  SSLCertificateFile /etc/letsencrypt/live/mystorage.mydomain.com/cert.pem
	  SSLCertificateChainFile /etc/letsencrypt/live/mystorage.mydomain.com/chain.pem
	  SSLCertificateKeyFile /etc/letsencrypt/live/mystorage.mydomain.com/privkey.pem
	  
	  # NEXTCLOUD SECURE HEADER (teilweise ueber dessen htaccess auch gesetzt)
	  <IfModule mod_env.c>
		Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
		Header always set Referrer-Policy "no-referrer"
		#Header set X-Content-Type-Options "nosniff"
		#Header set X-XSS-Protection "1; mode=block"
		#Header set X-Robots-Tag "none"
		#Header set X-Download-Options "noopen"
		#Header set X-Permitted-Cross-Domain-Policies "none"
	  </IfModule>
	  <Location /ocs/v2.php/apps/serverinfo/api/v1/info>
		Require all denied
	  </Location>
	  <Directory "/">
		AllowOverride None
		Require all denied
	  </Directory>

	  <Directory "/var/www/nextcloud/public_html">
		Require all granted

		<Files ".*">
		  Require all denied
		</Files>

		Options -Indexes -FollowSymLinks +SymLinksIfOwnerMatch -Includes -MultiViews
		AllowOverride All
		AddDefaultCharset utf-8
	  </Directory>

	  SuexecUserGroup www-data www-data
	  <FilesMatch \.php$>
		SetHandler "proxy:unix:/var/run/php/php7.2-fpm.nextcloud.sock|fcgi://localhost/"
	  </FilesMatch>

	  UseCanonicalName off
	  RewriteEngine on

	  # MediaelementJS
	  AddType video/ogg .ogv
	  AddType video/mp4 .mp4
	  AddType video/webm .webm

	  <IfModule mod_dav.c>
	   Dav off
	  </IfModule>
	  SetEnv HOME /var/www/nextcloud/public_html
	  SetEnv HTTP_HOME /var/www/nextcloud/public_html
	</VirtualHost>

	# vim: syntax=apache ts=4 sw=4 sts=4 sr noet


?php
$CONFIG = array (
  'instanceid' => '...SECRET...',
  'passwordsalt' => '...SECRET...',
  'secret' => '...SECRET...',
  'trusted_domains' =>
  array (
	0 => 'mystorage.mydomain.com',
  ),
  'datadirectory' => '/var/www/nextcloud/data/data',
  'overwrite.cli.url' => 'https://mystorage.mydomain.com/',
  'dbtype' => 'sqlite3',
  'version' => '14.0.0.19',
  'installed' => true,
  'mail_smtpmode' => 'smtp',
  'mail_smtpauthtype' => 'LOGIN',
  'mail_from_address' => 'noreply',
  'mail_domain' => 'myotherdomain.com',
  'mail_smtpauth' => 1,
  'mail_smtpsecure' => 'tls',
  'mail_smtpport' => '25',
  'mail_smtphost' => 'mail.myotherdomain.com',
  'mail_smtpname' => 'noreply@myotherdomain.com',
  'mail_smtppassword' => '...SECRET...',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 3,
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'remember_login_cookie_lifetime' => 86400,
  'session_lifetime' => 86400,
  'auth.bruteforce.protection.enabled' => true,
  'versions_retention_obligation' => 'auto, 30',
  'data-fingerprint' => 'bdfe0c331dc4261e61dee8c9db93ee77',
  'default_language' => 'de'
);

The browser throws in the debug console the following errors

DEV_TOOL_NC1285×165 12.9 KB

has anyone an idea how to fix it?

thank you very much

Hi,

To avoid caching issues you could do a full refresh in the browser on all affected machines:
CTRL + F5

Additionally (probably already before the browser refresh) you could restart the server.

If you suspect a problem with CSP you could check your server with this test site here:

You could post the results here if you like and we can try to assist to solve problems if there are any.
Furthermore, you could increase the log level for nextcloud and check if then error messages appear.

Thanks for your answer. In the meantime, i’d found out that anykind of Browser Plugins like Ghostery, AdBlock Plus, or Avira Safe-Browsing breaks the file sharing. If one of these is enabled the file sharing isn’t usable. Maybe it’s reproducible, and anyone can find a solution for this so that it still works if these plugins are enabled…

Can you add your server to the white-list of these plugins?
Strange though, why these plugins block anything on the Nextcloud server. I use another anti-virus tool (with its web browser plugin) and NoScript, but both don’t block specific buttons or something like that.

So I can’t test with Ghostery and so on, while I don’t use them. Would be interesting to hear from other users, who use these plugins.

I confirm the not visible share icons with usage of Firefox and the Addon Ghostery.

Solution with usage of Ghostery is either to deactivate the filtering for the whole website or to disable only the “cosmetic filtering” for the website.

With that setting the share icons are visible again. After found the same issue today i was wondering because with the android app everything worked fine with the share options. Thanks for your hint @anon79251200!

Additional Info: That changed ghostery setting was not needed until nextcloud 14.