Spinning wheel in APP list

dschulz · September 4, 2016, 12:10pm

Hi,

after doing a fresh install of Nextcloud 10 on Debian 8, mysql, I cannot add or configure APPs. Opening the dropdown menu on the left side of the web interface shows the activated apps with the spinning wheel. The apps “activity” can be started and seems to work, starting “Apps” results in spinning wheel on the left and right side of the web ui, no progress even after waiting a very long time.
Nextcloud.log is empty.

Any idea what might have happend?

Thanks for your ideas!

MariusBluem · September 4, 2016, 1:33pm

Hi @dschulz,

I am sorry to hear about your problems with configuring your Nextcloud. Could you please provide some more information about your instance (OS, Webserver, PHP, …) … The easiest way to do this would be to fill out the issue template you will find here:

github.com

nextcloud/server/blob/master/issue_template.md

<!--
Thanks for reporting issues back to Nextcloud! This is the issue tracker of Nextcloud, if you have any support question please check out https://nextcloud.com/support

This is the bug tracker for the Server component. Find other components at https://github.com/nextcloud/

For reporting potential security issues please see https://nextcloud.com/security/

To make it possible for us to help you please fill out below information carefully. 
You can also use the Issue Template application to prefill most of the required information: https://apps.nextcloud.com/apps/issuetemplate

If you are a customer, please submit your issue directly in the Nextcloud Portal https://portal.nextcloud.com so it gets resolved more quickly by our dedicated engineers.

Note that Nextcloud is an open source project backed by Nextcloud GmbH. Most of our volunteers are home users and thus primarily care about issues that affect home users. Our paid engineers prioritize issues of our customers. If you are neither a home user nor a customer, consider paying somebody to fix your issue, do it yourself or become a customer.
--> 
### Steps to reproduce
1.
2.
3.

### Expected behaviour

This file has been truncated. show original

Thank you

Marius

dschulz · September 4, 2016, 4:22pm

Hi Marius,

I have just found the reason for the problems. Due to a security audit I have set a few Headers within Apache.

Removing the following solved my problem:
Header set Content-Security-Policy “default-src https:”

Here is a complete list of my headers:

<IfModule mod_headers.c>
  Header set X-Content-Type-Options nosniff
  Header set X-Frame-Options  DENY
  Header set Content-Security-Policy  "frame-ancestors 'none'"
  Header set X-XSS-Protection "1; mode=block"
  #  Header set Content-Security-Policy "default-src https:"
</IfModule>

Perhaps you have an idea what have happened.

OS is Debian 8.5
web server is Apache 2.4.10

Thanks a lot
Dirk

rullzer · September 5, 2016, 7:26am

This probably happens because we set the CSP policy as well. @LukasReschke should know more

LukasReschke · September 5, 2016, 7:28am

Your CSP header is not really more secure than the one we ship by default. Also, don’t set such headers yourself. It will break stuff.