Patrizio Bekerle

The share API was contributed by @aleixq in #61. Hm, is an external app. Maybe it would really be a better idea to talk to the developers of the app...

Maybe just try to open an issue at https://github.com/nextcloud/password_policy/issues.

At least https://github.com/nextcloud/password_policy is a different app. Maybe one has more luck asking there...

Thank you for your concern. What is it you would like to achieve by this change? Improve how the generated token looks on the Nextcloud Admin page?

> Contents of nextcloud/data/nextcloud.log Don't you have logs in your Nextcloud admin console? Something like

> fetch("https://nx904.your-storageshare.de/public.php/webdav/", { where are you making this request? In a browser on your webpage?

> It works using plain curl: curl hasn't the same restrictions as a web-browser

> wasm_exec.js Are you using web assembly to run the fetch? I've no idea what the browser restrictions are in that case...

Like I said, I've no idea how CORS is handled inside WASM in a browser. And I don't think that you simply can spoof the referrer in the fetch command,...

After all CORS is something your web browser enforces, not the Nextcloud server. webapppassword only attempts to set some headers (hoping that hetzner doesn't override them, you should see those...