Refused to display XXX iframe because an ancestor violates the following Content Security Policy directive

[nadavkav]

I am trying to test my local development Moodle system with a remote (and public) nextcloud+collabora install. that works fine.
(Followed these install instruction: https://nextcloud.com/collaboraonline/)

Refused to display 'https://collabora.my-public-domain/loleaflet/a96fdaa/loleaflet.html?WOPISrc=http://localhost/moodle-org/moodle_38_stable/mod/collabora/callback.php/wopi/files/651_0&access_token=2c042782c5f9&closebutton=1' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors collabora.my-public-domain:* localhost:*".

[Dagefoerde]

HI Nadav, great to hear that you are trying out our plugin! This seems to be a configuration issue in Collabora, which apparently restricts the set of domains that may include it in an iframe. Adding your Moodle host to the list of frame-ancestors in the Collabora config should do the trick.
Specifically, in step 1 "Install the Collabora Online server" you could add a second host to the --domain argument using | as suggested in the description.

[nadavkav]

Hi @Dagefoerde , thank you for the quick response!
I tried to add the extra domains I am using to the docker run ... command, but it did not solve this issue.
I wonder where exactly inside the Collabora docker I can find the relevant settings that is responsible for the frame-ancestors directive. Do you have any idea?

[nadavkav]

I read: https://www.collaboraoffice.com/code/docker/ and updated the collabora configuration file: /etc/loolwsd/loolwsd.xml with my localhost development domain, which solved the above issue 😄

But now I am getting a new error inside the iframe:
Failed to load resource: the server responded with a status of 502 ()

Found some clues, but not sure if it works:
https://help.nextcloud.com/t/collabora-nextcloud-work-locally-but-not-from-remote-server/54604

[Dagefoerde]

Sorry, I must admit I have no idea about the configuration of Collabora. Maybe their community can help. Also, have you seen this guide? https://github.com/learnweb/moodle-mod_collabora/blob/master/Collabora-Config.md maybe that helps, too!

[Ashod]

But now I am getting a new error inside the iframe:
Failed to load resource: the server responded with a status of 502 ()

Hi @nadavkav,

If you still have this issue, it's always a good idea to see if the connection is setup correctly before loading documents, to minimize the number of variables involved. So, try fetching (using wget, or even just the browser): https://domain.name:9980/hosting/capabilities

Change https to http if you aren't using SSL, and of course use either the IP or domain-name that is reachable to the server (and make sure the port is correct, 9980 is the default). The /hosting/capabilities URL should return a JSON with WSD (the Collabora Server) parameters.

I suspect you aren't reaching the server because the domain-name you are using is not resolving. If true, I'd find out the IP and use that (at least to validate this hunch).

Hope this helps.