nextcloud-keeweb

Keeweb leading to blank page

Open Alexander-Matte opened this issue 3 years ago • 9 comments

Hello, currently having an issue with accessing my .kdbx database on my self-hosted Nextcloud server. The server is currently running PHP 7.4 with Ubuntu 20.04 LTS and Nginx. I have downloaded the app and can see it on my server. When I click on my database within Nextcloud, it's leading me to a blank page (just my background color). I have checked through my Console and Network tabs and have found the error 403 Forbidden. The file is then Keeweb?config=config. Is there something I have to change so that the Keeweb app is accessible from Nextcloud? Thanks

Alexander-Matte, Dec 09 '22 10:12

Is every request via HTTPS?

jhass, Dec 09 '22 10:12

Yes, that was one of the first things I checked.

Alexander-Matte, Dec 09 '22 10:12

Is your Nginx setting or filtering any headers, such as CSP?

jhass, Dec 09 '22 11:12

Could these be the cause of the problem?

add_header X-XSS-Protection "1; mode=block";
add_header Strict-Transport-Security "max-age=15552000" always;

Alexander-Matte, Dec 09 '22 12:12

STS headers I can't imagine, I have no clue what X-XSS-Protection does, should be easy enough to disable and see?

jhass, Dec 09 '22 15:12

Please remove X-XSS-Protection. This is a non-standard header and not needed anyway since Nextcloud and Keeweb already set appropriate CSP headers to mitigate XSS.

Also see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

In addition: think about upgrading to PHP 8.1 if possible. PHP 7.4 is officially "end of life" and Nextcloud will soon handle PHP 7.4 as deprecated and likely require PHP 8.1 in the future.

Also see: https://www.php.net/supported-versions.php

arnowelzel, Dec 10 '22 10:12
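
To see which of the headers discussed above a response actually carries, the following added example (not code from this thread, Nextcloud or Keeweb) audits a header block pasted from the browser's Network tab. The sample response, the finding labels and the HSTS floor are assumptions constructed for illustration.

```python
import re

# Constructed sample: response headers as copied from the Network tab.
SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Content-Security-Policy: default-src 'none'; script-src 'self'
X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15552000
"""

MIN_HSTS_AGE = 15552000  # assumption: the max-age quoted in the thread, used as floor

def parse_headers(raw):
    """Return {lowercase name: [values]}, keeping repeated headers."""
    headers = {}
    for line in raw.splitlines()[1:]:  # skip the status line
        if not line.strip():
            break  # a blank line ends the header block
        name, sep, value = line.partition(":")
        if sep:
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers

def audit(raw):
    """Return a list of finding labels (the labels are hypothetical names)."""
    h = parse_headers(raw)
    xss = h.get("x-xss-protection", [])
    csp = h.get("content-security-policy", [])
    sts = h.get("strict-transport-security", [])
    findings = []
    if not csp:
        findings.append("csp-missing")
    if len(xss) > 1:
        # Sent twice: likely set by both the web server and the application.
        findings.append("x-xss-protection-duplicated")
    if xss and csp:
        findings.append("x-xss-protection-alongside-csp")
    if not sts:
        findings.append("hsts-missing")
    for value in sts:
        m = re.search(r"max-age=(\d+)", value, re.I)
        if not m or int(m.group(1)) < MIN_HSTS_AGE:
            findings.append("hsts-max-age-low")
    return findings
```

Calling `audit(SAMPLE_RESPONSE)` returns the labels for the duplicated X-XSS-Protection header and its presence next to a CSP; running it on the headers of the failing `Keeweb?config=config` request shows which layer set what.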

If that header is removed, Nextcloud will issue a Warning.

[image: xss]

solracsf, Jan 17 '23 14:01

> If that header is removed, Nextcloud will issue a Warning.

I stand corrected - in fact Nextcloud includes an .htaccess file which always sets that header for Apache (if the required module in Apache is enabled). Maybe it helps to check that file for what other options are used for Apache - these headers are not the only thing.

arnowelzel, Jan 17 '23 16:01

Hi,

we had the same issue.

We resolved it at the firewall appliance level. Our firewall had static URL hardening enabled and the form disappears / blank page. After we disabled the static URL hardening firewall rule for the Nextcloud website, it works again as expected.

Maybe this will help someone.

psit-kr, Mar 21 '23 15:03