Nextcloud reports issue (14.0.4)

I just updated NS7, which included NC14.0.4. Now NC reports:


The admin manual says ‘no-referer’ is hardcoded and in effect by default

Any suggestions on what I can do, or is this an oversight in the RPM, or something else?

TIA

ps. found a hint, but I wonder what is the root cause…

apachectl -M shows the required modules are loaded:
image

and the NC .htaccess file has:

It seems caused by having the Referrer-Policy header send twice (duplicated): one in the default vhost and another one in .htaccess

Cannot check it right now, but commenting one of them should suffice. For instance, commenting the line from vhost:

Related:

/cc. @alep

4 Likes

Spot on. I commented it out in the .htaccess file and the warning is no longer there:
image

Thanks!

IIRC the .htaccess comes from nextcloud package, therefore next update could bring back the issue, so maybe a fix is needed on our (nethserver) part. Let’s give some time to the developers to take a look at it.

3 Likes

Understand (quick test) and agree.

It is correct, I have the same results.

The Referrer-Policy header was introduced with upgrade to 14.0.0 version.

The warning has appeared on 14.0.0 version and the set of Apache HTTP header added by nethserver-nextcloud fixed the warning until the new version 14.0.4.

Because now the header is present into the .htaccess (by nextcloud rpm) I think it should be removed from nethserver-nextcloud httpd template (as @dnutan said).

As explained here Nextcloud 15 available new Nextcloud 15 is in testing and also this warning should be resolved.

1 Like

@LayLow could you confirm this ?

@alep, I can test in 6 hours or so.

HTH

1 Like

Sorry for the delay, yes I can confirm that the ‘referrer’ issue is no longer present.

Many thanks!

2 Likes

After some successful test we have released the final version https://github.com/NethServer/dev/issues/5674

Happy nextcloud ! :slight_smile:

3 Likes

Upgrade from 14.0.4 to 15.0 went just fine. Many thanks!

1 Like