From c8f7c5f74c8878e35f1ba4fdafe8b83d12c69f0d Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Tue, 23 Mar 2021 22:31:50 +0200
Subject: [PATCH] Collabora Online and Nextcloud, another try.

I swear it should be the other way round (it looks to me like Nextcloud
is embedding the code iframe), but disabling CSP on Nextcloud worked and
I saw a comment on the Internet about it so lets give it a try.
---
 conf.d/nextcloud.shore.co.il.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/conf.d/nextcloud.shore.co.il.conf b/conf.d/nextcloud.shore.co.il.conf
index cb4389c..0ad4562 100644
--- a/conf.d/nextcloud.shore.co.il.conf
+++ b/conf.d/nextcloud.shore.co.il.conf
@@ -21,6 +21,9 @@ server {
     include     snippets/ssl.conf;
     include     snippets/nextcloud-well-known.conf;
 
+    # Allow to include iframes in code.shore.co.il.
+    add_header  Content-Security-Policy "frame-ancestors https://code.shore.co.il";
+
     location / {
         proxy_pass              http://$nextcloud$request_uri;
         proxy_http_version      1.1;
-- 
GitLab