My test was: 1. docker run -d -p 8080:80 nextcloud 2. My IP is 192.168.100.20. I opened http://192.168.100.20:8080 in browser, set up Nextcloud and installed Collabora Online app 3. docker run -t -d -p 9980:9980 -e "extra_params=--o:ssl.enable=false" collabora/code 4. I set up the WOPI URL in Nextcloud to http://192.168.100.20:9980 The iframe is not loaded because of CSP violation. Since: commit 296aba1beae64a65e4e86631a9c1458073ec8c2e Author: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> Date: Fri Nov 23 09:33:13 2018 +0100 Improve allowed frame-ancestors and commit 8f1abe48397d7da4629fb50324289ad39102cfc7 Author: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> Date: Wed Nov 28 09:36:24 2018 +0100 Only add the host to frame-ancestors Not a big deal, but ideally port number should be taken into account, in case someone runs the WOPI host on a non-standard port.
In fact, this bug caused a lot of reports on Nextcloud forums. https://help.nextcloud.com/t/no-documents-are-shown-after-upgrading-to-loolwsd-4-0/43634 https://help.nextcloud.com/t/collabora-error-setup/44667 https://help.nextcloud.com/t/requesting-address-is-denied-172-17-0-1-wsd-loolwsd-cpp-1971/44179
Let's set this to confirmed, then.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "master": https://git.libreoffice.org/online/+/9d1c6f03cad9e6aa023807031b22aba6e9df4909%5E%21 tdf#122451 CSP: Allow all ports of known hosts
Should be better now hopefully.
Samuel Mehrbrodt committed a patch related to this issue. It has been pushed to "libreoffice-6-2": https://git.libreoffice.org/online/+/532bc18a2c7afe5cc224e07a74d593435a29e2f1%5E%21 tdf#122451 CSP: Allow all ports of known hosts