Update from nextcloud 15.0.0 beta 2. to Nextcloud 15.0.0 RC 1 doesn't work with webupdater


#1

hello,

I just try to update NC 15 beta 2 to NC 15 rc1 using the web updater (like i do usualy and it still work fine until today).
But here when i click on “Start Update”… nothing appens…it never begin…
nc_update

If anyone can tell me what to do or where i can look to solve this … it should be great :slight_smile:


#2

The updater is broken in this version, I think you can fix it by changing a small bit of code regarding the CSP policy. Look at your browser console and post the errors here.
Alternatively, you can also upgrade manually: https://docs.nextcloud.com/server/14/admin_manual/maintenance/manual_upgrade.html


#3

here is the output of my browser console

"Uncaught EvalError: Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".


    at HTMLScriptElement. (root.vue:269)
    at Function.each (core.js?v=ec50261f-23:2)
    at a.fn.init.each (core.js?v=ec50261f-23:2)
    at Object.success (root.vue:268)
    at j (core.js?v=ec50261f-23:2)
    at Object.fireWith [as resolveWith] (core.js?v=ec50261f-23:2)
    at x (core.js?v=ec50261f-23:4)
    at XMLHttpRequest. (core.js?v=ec50261f-23:4)"

#4

There are some files where script-src is set to ‘self’. You have to find these lines and change it to ‘unsafe-eval’

I don’t know which files you have to change though. There is “ContentSecurityPolicyManagerTest.php” in ⁨tests⁩ ▸ ⁨lib⁩ ▸ ⁨Security⁩ ▸ ⁨CSP⁩. Try if it works or search for other files and amend them. Report back please if it worked.


#5

We found this as well and we fixed this in 15.0.0 RC 2. So until then you need to use the CLI based updater.phar inside /path/to/nextcloud/updater to update. Once you are at 15.0.0 RC 2 the web based updater works again.


#6