nextcloud memories, Missing Line in nginx-nextcloud.conf

[droogi]

Creating a bug report/issue

• [ x] I have searched the existing open and closed issues

Required Information

• dietpi 9.6

Additional Information (if applicable)

• nextcloud 29.0.4 and App memories

Steps to reproduce

Install nginx, nextcloud,nc App memories, lets-encrypt

Expected behaviour

Memories should Display thumbs and images

Actual behaviour

Thumbs are generated, but are Gray and images are Not displayed

Extra details

Solution is to add Line in /etc/nginx/sites-available/dietpi-nextcloud.conf

add_header Cross-Origin-Embedder-Policy credentialless;

I added It twice, IT works AS IT should now

pulsejet/memories#1236 (comment)

Regards, droogi

[droogi]

Maps Work again also (App Maps opened, but No layer was displayed)

[MichaIng]

Hmm, this does not seem to be supported widely among browsers, e.g. Safari and certain mobile browsers do not support it at all:

• https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy
• https://caniuse.com/?search=Cross-Origin-Embedder-Policy%3A%20credentialless

Isn't it possible to do all this with CSP? Nextcloud has an API for this, which can be used by apps, if I am not mistaken.

This does not seem suitable to add for all Nextcloud instances, also it should be probably added for the very specific URLs used by this app only, instead of disabling CORS entirely for the whole Nextcloud instance. This all can be done much better with CSP from the backend/app code, instead of globally via webserver configuration. I suggest you talk to its developer/maintainer about this.

Also, why did you add it twice?