Webapp behind ngnix reverse proxy

bringha

Hi there

I am running kopano web app behind a nginx reverse proxy. I have now the problem that the login widget of the kopano web app does not appear when called via reverse proxy. Accessing web app directly runs fine. The relevant definition in the nginx config is

location /webapp {

			proxy_ssl_session_reuse off;
                        proxy_pass https://X.Y.Z.A:443;
                        proxy_set_header Host $host;
                        proxy_set_header        X-Real-IP       $remote_addr;
                        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                        proxy_redirect off;
                        proxy_ssl_server_name      on;
                        proxy_ssl_verify 	   off;
                }

What could have changed what is explaining this behavior?

Looking forward to your reply

Br br

marty

Hi @bringha,

What is your WebApp version and from what version did you upgrade?

This was merged a couple of days back. Could be related:
https://stash.kopano.io/projects/KW/repos/kopano-webapp/commits/524deb159004d5126b352381a7be2ea0c12e0005

bringha

Its WebApp 3.4.0.971-0+607.1, might be somewhat older but did work so far. Don’t know anymore from which version I updated …

bringha

Updated now to WebApp 3.4.6.1225+715.1 - the most actual one - now difference …

bringha

<Update> Found it: The problem ist that our NGINX reverse proxy is configured with Content Security Policy (CSP) in a pretty strict config. As Webapp uses a lot of inline scripting and inline eval it is not yet CSP compliant. We will have a debate how to deal with as we wanted to make Webapps accessible from outside.

Is it worthwhile to put a feature request for Webapp supporting CSP or is it perhaps already on the roadmap ?!

Looking forward to your reply.

Br br