Stuck again on login screen - Content Security Policy violation

I’m trying to use NextCloud 23.0.0 using the official Docker image. I re-installed NC on Friday and was able to successfully login until yesterday (Sunday) evening. Posting in the Installation category, as it seems that I’m doing something wrong at the installation; Nextcloud doesn’t work in a stable way after installation.

When I now try to login, I seem to be stuck on the login screen. The browser console shows the following issue:

Refused to send form data to '' because it violates the following Content Security Policy directive: "form-action 'self'".

Between yesterday evening and now, I haven’t changed anything at all (was sleeping :wink: ). I’m having the issue with numerous browsers, so it’s also not related to my browser.

On I’m seeing the following Content-Security-Policy header:

default-src 'none';
base-uri 'none';
manifest-src 'self';
script-src 'nonce-bnprdU1xc1JTQXpHaXpvZS9SMUhnME9KWFZsSlNHbEcra1p1R2JyaUdSYz06cmxWWFh2MGlCMytmODNoUGgxb2Y5RFA4RjJzbEVUQWNtUW9qVm9PeWJIOD0=' blob:;
style-src 'self' 'unsafe-inline';
img-src 'self' data: blob: https://*;
font-src 'self' data:;
connect-src 'self' blob:;
media-src 'self' blob:;
frame-src 'self';
child-src blob: 'self';
frame-ancestors 'self';
worker-src 'self' blob:;
form-action 'self'

According to the error message in the browser console, the issue is with the “form-action” part of the content-security-policy header: form-action 'self'

If the login is on (or, what would be the correct value? form-action 'self' is the default.

cd lib/public/AppFramework/Http/
cp  ContentSecurityPolicy.php ContentSecurityPolicy.php.bak
vim ContentSecurityPolicy.php

edit this line:

protected $allowedFormActionDomains = [

This solvled my policy issue.