You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
this is my NGINX Config:
`limit_conn_zone $server_name zone=appnode_sitemgr_site_conn_airsky.space:100k;
limit_req_zone $server_name zone=appnode_sitemgr_site_req_airsky.space:100k rate=10000r/m;
I have added add_header to the nginx configuration, but the detection is still not added.
Actual behaviour
Should check out my configured http header
Server configuration
Operating system:CentOS7
Web server:NGINX 1.15.3
Database:MySQL 5.7.21
PHP version: 7.2.8
Nextcloud version:14.0.3 (see Nextcloud admin page)
Updated from an older Nextcloud/ownCloud or fresh install: Fresh Install
Where did you install Nextcloud from: The NextCloud Website
Signing status:
No errors have been found.
Login as admin user into your Nextcloud and access
http://example.com/index.php/settings/integrity/failed
paste the results here.
List of activated apps:
Accessibility
Activity
Auditing / Logging
Collaborative tags
Comments
Deleted files
Federation
File sharing
Files automated tagging
First run wizard
Gallery
Log Reader
Monitoring
Nextcloud announcements
Notifications
Password policy
PDF viewer
Share by mail
Support
Text editor
Theming
Update notification
Usage survey
Versions
Video player
Default encryption module
External storage support
External user support
LDAP user and group backend
If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your Nextcloud installation folder
If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your Nextcloud installation folder
or
Insert your config.php content here.
Make sure to remove all sensitive content such as passwords. (e.g. database password, passwordsalt, secret, smtp password, …)
Are you using external storage, if yes which one: LOCAL local/smb/sftp/...
Are you using encryption: NO yes/no
Are you using an external user-backend, if yes which one: NO LDAP/ActiveDirectory/Webdav/...
Error parsing header X-XSS-Protection: 1; mode=block, 1; mode=block: expected semicolon at character position 13. The default protections will be applied.
core.js?v=6124ab1d-2:7 JQMIGRATE: Migrate is installed, version 1.4.0
DevTools failed to parse SourceMap: https://airsky.space/apps/updatenotification/js/updatenotification.js.map
DevTools failed to parse SourceMap: https://airsky.space/apps/notifications/js/notifications.js.map
Insert your browser log here, this could for example include:
a) The javascript console log
b) The network log
c) ...
The text was updated successfully, but these errors were encountered:
GitMate.io thinks possibly related issues are #6673 (Issue because enforcing security header), #9316 (Add Support for Link headers), #2898 (Upgrade Issue), #3225 (Header layout issue on narrow screens), and #6035 (HSTS - nginx).
As this seems to be a setup issue I would like to ask you to raise your question in the forums: https://help.nextcloud.com
If you wish support with setup issues from Nextcloud GmbH we offer this as part of the Nextcloud subscription. Learn more about this at https://nextcloud.com/enterprise/
Steps to reproduce
this is my NGINX Config:
`limit_conn_zone $server_name zone=appnode_sitemgr_site_conn_airsky.space:100k;
limit_req_zone $server_name zone=appnode_sitemgr_site_req_airsky.space:100k rate=10000r/m;
server {
listen 80;
listen 443 ssl http2;
server_name airsky.space;
ssl_certificate /data/GvwlwGXS/sites/airsky.space/ssl/site.crt;
ssl_certificate_key /data/GvwlwGXS/sites/airsky.space/ssl/site.key;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 5m;
keepalive_timeout 75s;
keepalive_requests 100;
access_log /data/GvwlwGXS/sites/airsky.space/log/nginx/access.log;
error_log /data/GvwlwGXS/sites/airsky.space/log/nginx/error.log;
root /data/GvwlwGXS/sites/airsky.space/www;
}`
Expected behaviour
I have added add_header to the nginx configuration, but the detection is still not added.
Actual behaviour
Should check out my configured http header
Server configuration
Operating system:CentOS7
Web server:NGINX 1.15.3
Database:MySQL 5.7.21
PHP version: 7.2.8
Nextcloud version:14.0.3 (see Nextcloud admin page)
Updated from an older Nextcloud/ownCloud or fresh install: Fresh Install
Where did you install Nextcloud from: The NextCloud Website
Signing status:
No errors have been found.
List of activated apps:
Accessibility Activity Auditing / Logging Collaborative tags Comments Deleted files Federation File sharing Files automated tagging First run wizard Gallery Log Reader Monitoring Nextcloud announcements Notifications Password policy PDF viewer Share by mail Support Text editor Theming Update notification Usage survey Versions Video player Default encryption module External storage support External user support LDAP user and group backend
Nextcloud configuration:
'XXX', 'passwordsalt' => 'XXX', 'secret' => 'XXX', 'trusted_domains' => array ( 0 => 'XXX', ), 'datadirectory' => 'XXX', 'dbtype' => 'mysql', 'version' => '14.0.3.0', 'overwrite.cli.url' => 'XXX', 'dbname' => 'nextcloud', 'dbhost' => 'localhost', 'dbport' => '', 'dbtableprefix' => 'oc_', 'mysql.utf8mb4' => true, 'dbuser' => 'XXX', 'dbpassword' => 'XXX', 'installed' => true, 'mail_smtpmode' => 'smtp', 'mail_smtphost' => 'in.mailjet.com', 'mail_smtpport' => '2525', 'mail_smtpauthtype' => 'LOGIN', 'mail_smtpauth' => 1, 'mail_smtpname' => 'XXX', 'mail_smtppassword' => 'XXX', 'mail_domain' => 'XXX', 'mail_from_address' => 'system', 'filelocking.enabled' => true, 'memcache.local' => '\OC\Memcache\Redis', 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => 'localhost', 'port' => 6379, 'timeout' => 0.0, 'password' => 'XXX', ), );
Are you using external storage, if yes which one: LOCAL local/smb/sftp/...
Are you using encryption: NO yes/no
Are you using an external user-backend, if yes which one: NO LDAP/ActiveDirectory/Webdav/...
Client configuration
Browser: Chrome 70.0.3538.67
Operating system: Windows10 18262.1000
Logs
Web server error log
[error.log](https://github.com/nextcloud/server/files/2504908/error.log)
Nextcloud log (data/nextcloud.log)
[nextcloud.log](https://github.com/nextcloud/server/files/2504904/nextcloud.log)
Browser log
Error parsing header X-XSS-Protection: 1; mode=block, 1; mode=block: expected semicolon at character position 13. The default protections will be applied. core.js?v=6124ab1d-2:7 JQMIGRATE: Migrate is installed, version 1.4.0 DevTools failed to parse SourceMap: https://airsky.space/apps/updatenotification/js/updatenotification.js.map DevTools failed to parse SourceMap: https://airsky.space/apps/notifications/js/notifications.js.map
The text was updated successfully, but these errors were encountered: