[Bug]: v28 - Your webserver does not serve .mjs files using the JavaScript MIME type...

[rchaconmolero]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

After upgrade from 28.0.1 to 28.0.2 RC1 appears in security and setup warning page:
There are some errors regarding your setup.
Your webserver does not serve .mjs files using the JavaScript MIME type. This will break some apps by preventing browsers from executing the JavaScript files. You should configure your webserver to serve .mjs files with either the text/javascript or application/javascript MIME type.

Steps to reproduce

1. Upgrade vie Web GUI.
2. No error in upgrade process.
3. There are some errors regarding your setup.
   Your webserver does not serve .mjs files using the JavaScript MIME type. This will break some apps by preventing browsers from executing the JavaScript files. You should configure your webserver to serve .mjs files with either the text/javascript or application/javascript MIME type.

Expected behavior

No messages about "Your webserver does not serve .mjs files using the JavaScript MIME type."

Installation method

Community Manual installation with Archive

Nextcloud Server version

28

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

None

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

# sudo -u www-data php /var/www/nextcloud/occ config:list system
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "next01d.canal-sur.interno"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "28.0.2.0",
        "overwrite.cli.url": "https:\/\/next01d.canal-sur.interno\/",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "filelocking.enabled": "true",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "dbindex": 0,
            "password": "***REMOVED SENSITIVE VALUE***",
            "timeout": 1.5
        },
        "default_phone_region": "ES",
        "mail_smtpmode": "smtp",
        "mail_sendmailmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpauth": 1,
        "mail_smtpauthtype": "LOGIN",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpdebug": true,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpstreamoptions": {
            "ssl": {
                "verify_peer": false,
                "verify_peer_name": false
            }
        },
        "htaccess.RewriteBase": "\/",
        "updater.release.channel": "beta",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "twofactor_enforced": "false",
        "twofactor_enforced_groups": [],
        "twofactor_enforced_excluded_groups": [],
        "app_install_overwrite": [
            "twofactor_admin"
        ],
        "logfile": "\/var\/log\/nextcloud\/nextcloud.log",
        "logtimezone": "Europe\/Madrid",
        "log.condition": {
            "apps": [
                "admin_audit"
            ]
        },
        "logfile_audit": "\/var\/log\/nextcloud\/nextcloud.log",
        "trashbin_retention_obligation": "auto, 7",
        "versions_retention_obligation": "auto, 7",
        "allow_user_to_change_display_name": false,
        "activity_expire_days": 1,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "ldapUserCleanupInterval": 30,
        "session_lifetime": 86400,
        "remember_login_cookie_lifetime": "0",
        "session_keepalive": "false",
        "preview_max_x": 1024,
        "preview_max_y": 768,
        "preview_max_scale_factor": 1,
        "updater.secret": "***REMOVED SENSITIVE VALUE***",
        "maintenance_window_start": 17
    }
}

List of activated Apps

# sudo -u www-data php /var/www/nextcloud/occ app:list
Enabled:
  - activity: 2.20.0
  - admin_audit: 1.18.0
  - bruteforcesettings: 2.8.0
  - circles: 28.0.0-dev
  - cloud_federation_api: 1.11.0
  - comments: 1.18.0
  - contacts: 5.5.1
  - contactsinteraction: 1.9.0
  - dashboard: 7.8.0
  - dav: 1.29.1
  - federatedfilesharing: 1.18.0
  - federation: 1.18.0
  - files: 2.0.0
  - files_accesscontrol: 1.18.0
  - files_automatedtagging: 1.18.0
  - files_external: 1.20.0
  - files_pdfviewer: 2.9.0
  - files_reminders: 1.1.0
  - files_sharing: 1.20.0
  - files_trashbin: 1.18.0
  - files_versions: 1.21.0
  - groupfolders: 16.0.3
  - impersonate: 1.15.0
  - logreader: 2.13.0
  - lookup_server_connector: 1.16.0
  - nextcloud_announcements: 1.17.0
  - notifications: 2.16.0
  - oauth2: 1.16.3
  - onlyoffice: 9.0.0
  - password_policy: 1.18.0
  - photos: 2.4.0
  - privacy: 1.12.0
  - provisioning_api: 1.18.0
  - recommendations: 2.0.0
  - related_resources: 1.3.0
  - serverinfo: 1.18.0
  - settings: 1.10.1
  - sharebymail: 1.18.0
  - support: 1.11.0
  - survey_client: 1.16.0
  - systemtags: 1.18.0
  - text: 3.9.1
  - theming: 2.3.0
  - twofactor_backupcodes: 1.17.0
  - updatenotification: 1.18.0
  - user_ldap: 1.19.0
  - user_status: 1.8.1
  - viewer: 2.2.0
  - workflowengine: 2.10.0
Disabled:
  - encryption: 2.16.0
  - files_retention: 1.16.0 (installed 1.16.0)
  - files_rightclick: 0.15.1 (installed 1.6.0)
  - firstrunwizard: 2.17.0 (installed 2.16.0)
  - suspicious_login: 6.0.0
  - twofactor_totp: 10.0.0-beta.2 (installed 8.0.0-alpha.0)
  - weather_status: 1.8.0 (installed 1.6.0)

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

No response

Additional info

No response

[joshtrichards]

Are you saying you know with certainty the test should pass in your environment?

Can you confirm things that require mjs are fully functioning:

• Does the Activity page function?
• Does Administration settings->Logging show current log entries?

[rchaconmolero]

Yes. Activity and logging show current logs entries.

[solracsf]

What is the output of:

curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs

[susnux]

@rchaconmolero this would be interesting because what that test does is testing to access your instance and check the returned mime type. Meaning if your server can not resolve its own host name it will fail here.

What is the output of:

curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs

Also it would be really helpful if you could set the logging level to debug and send the logfile or at least search the log for an entry like the following and send that entry if it exists:

Can not connect to local server for checking JavaScript modules support

[joshtrichards]

Meaning if your server can not resolve its own host name it will fail here.

Specifically*: At least one of Nextcloud's configured trusted_domains must be accessible (via its URL) from the Nextcloud app server itself.

*Or at least that's my take from my first read though of this recently added code

[rchaconmolero]

In Chrome or webserver, URL --> "https://next01d.canal-sur.interno/apps/settings/js/esm-test.mjs"

/**

• This is a dummy file for testing webserver support of JavaScript modules.
  */

export default 'Hello'

.- The output to the command

# curl -I https://next01d.canal-sur.interno/apps/settings/js/esm-test.mjs HTTP/2 200
strict-transport-security: max-age=15552000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
last-modified: Sat, 20 Jan 2024 10:43:51 GMT
etag: "6d-60f5e45bc0776"
accept-ranges: bytes
content-length: 109
vary: Accept-Encoding
cache-control: max-age=15778463
content-type: text/javascript
date: Sun, 21 Jan 2024 05:27:03 GMT
server: Apache

[pandusen]

I can confirm the same issue, after update: 28.0.1 to 28.0.2 RC1

My output from curl -I https://your.nextcloud.tld/apps/settings/js/esm-test.mjs :

HTTP/1.1 200 OK
Date: Sun, 21 Jan 2024 11:11:18 GMT
Server: Apache/2.4.57 (AlmaLinux) OpenSSL/3.0.7
Strict-Transport-Security: max-age=63072000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Upgrade: h2
Connection: Upgrade
Last-Modified: Sun, 21 Jan 2024 07:11:10 GMT
ETag: "6d-60f6f6af88f68"
Accept-Ranges: bytes
Content-Length: 109
Cache-Control: max-age=15778463
Content-Type: text/javascript

[solracsf]

For those with the problem, can you please:

Also it would be really helpful if you could set the logging level to debug and send the logfile here, or at least, search the log for an entry like the following and send that complete entry if it exists:

Can not connect to local server for checking JavaScript modules support

[pandusen]

I am simultaneously also have the "Could not load log entries" error.
Currently investigating. Edit: Above was a ublock issue.

Yes, my log contains this entry:

LocalServerExceptionCould not detect any host Can not connect to local server for checking JavaScript modules support

Also has this Entry:
LocalServerException
Host violates local access rules
Can not connect to local server for checking JavaScript modules support

[solracsf]

@pandusen can you post the full RAW stack trace from the log reader app about
Can not connect to local server for checking JavaScript modules support?

[pandusen]

Sure
(I have replaced fqdn and username.)

Could not detect any host:

{
  "reqId": "Za0hieI4tzKF-QVLu1D6wwAA1iE",
  "level": 0,
  "time": "2024-01-21T13:52:11+00:00",
  "remoteAddr": "192.168.0.30",
  "user": "user",
  "app": "settings",
  "method": "GET",
  "url": "/index.php/settings/ajax/checksetup",
  "message": "Can not connect to local server for checking JavaScript modules support",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "OCP\\Http\\Client\\LocalServerException",
    "Message": "Could not detect any host",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
        "line": 260,
        "function": "preventLocalAddress",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/SetupChecks/JavaScriptModules.php",
        "line": 67,
        "function": "head",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/SetupCheck/SetupCheckManager.php",
        "line": 49,
        "function": "run",
        "class": "OCA\\Settings\\SetupChecks\\JavaScriptModules",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/Controller/CheckSetupController.php",
        "line": 303,
        "function": "runAll",
        "class": "OC\\SetupCheck\\SetupCheckManager",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 230,
        "function": "check",
        "class": "OCA\\Settings\\Controller\\CheckSetupController",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 137,
        "function": "executeController",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/App.php",
        "line": 184,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Route/Router.php",
        "line": 315,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::"
      },
      {
        "file": "/var/www/html/nextcloud/lib/base.php",
        "line": 1069,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/index.php",
        "line": 39,
        "function": "handleRequest",
        "class": "OC",
        "type": "::"
      }
    ],
    "File": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
    "Line": 192,
    "message": "Can not connect to local server for checking JavaScript modules support",
    "exception": [],
    "url": "cloud.nextcloud.tld/apps/settings/js/esm-test.mjs",
    "CustomMessage": "Can not connect to local server for checking JavaScript modules support"
  },
  "id": "65ad22baddbdd"
}

Host violates local access rules:

{
  "reqId": "Za0hieI4tzKF-QVLu1D6wwAA1iE",
  "level": 0,
  "time": "2024-01-21T13:52:11+00:00",
  "remoteAddr": "192.168.0.30",
  "user": "user",
  "app": "settings",
  "method": "GET",
  "url": "/index.php/settings/ajax/checksetup",
  "message": "Can not connect to local server for checking JavaScript modules support",
  "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36",
  "version": "28.0.2.0",
  "exception": {
    "Exception": "OCP\\Http\\Client\\LocalServerException",
    "Message": "Host violates local access rules",
    "Code": 0,
    "Trace": [
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/PrepareBodyMiddleware.php",
        "line": 35,
        "function": "OC\\Http\\Client\\{closure}",
        "class": "OC\\Http\\Client\\DnsPinMiddleware",
        "type": "->",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
        "line": 31,
        "function": "__invoke",
        "class": "GuzzleHttp\\PrepareBodyMiddleware",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/RedirectMiddleware.php",
        "line": 71,
        "function": "GuzzleHttp\\{closure}",
        "class": "GuzzleHttp\\Middleware",
        "type": "::",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Middleware.php",
        "line": 63,
        "function": "__invoke",
        "class": "GuzzleHttp\\RedirectMiddleware",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/HandlerStack.php",
        "line": 75,
        "function": "GuzzleHttp\\{closure}",
        "class": "GuzzleHttp\\Middleware",
        "type": "::",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 331,
        "function": "__invoke",
        "class": "GuzzleHttp\\HandlerStack",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 168,
        "function": "transfer",
        "class": "GuzzleHttp\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/3rdparty/guzzlehttp/guzzle/src/Client.php",
        "line": 187,
        "function": "requestAsync",
        "class": "GuzzleHttp\\Client",
        "type": "->",
        "args": [
          "*** sensitive parameters replaced ***"
        ]
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Http/Client/Client.php",
        "line": 261,
        "function": "request",
        "class": "GuzzleHttp\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/SetupChecks/JavaScriptModules.php",
        "line": 67,
        "function": "head",
        "class": "OC\\Http\\Client\\Client",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/SetupCheck/SetupCheckManager.php",
        "line": 49,
        "function": "run",
        "class": "OCA\\Settings\\SetupChecks\\JavaScriptModules",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/apps/settings/lib/Controller/CheckSetupController.php",
        "line": 303,
        "function": "runAll",
        "class": "OC\\SetupCheck\\SetupCheckManager",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 230,
        "function": "check",
        "class": "OCA\\Settings\\Controller\\CheckSetupController",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
        "line": 137,
        "function": "executeController",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/AppFramework/App.php",
        "line": 184,
        "function": "dispatch",
        "class": "OC\\AppFramework\\Http\\Dispatcher",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/lib/private/Route/Router.php",
        "line": 315,
        "function": "main",
        "class": "OC\\AppFramework\\App",
        "type": "::"
      },
      {
        "file": "/var/www/html/nextcloud/lib/base.php",
        "line": 1069,
        "function": "match",
        "class": "OC\\Route\\Router",
        "type": "->"
      },
      {
        "file": "/var/www/html/nextcloud/index.php",
        "line": 39,
        "function": "handleRequest",
        "class": "OC",
        "type": "::"
      }
    ],
    "File": "/var/www/html/nextcloud/lib/private/Http/Client/DnsPinMiddleware.php",
    "Line": 150,
    "message": "Can not connect to local server for checking JavaScript modules support",
    "exception": [],
    "url": "https://cloud.nextcloud.tld/apps/settings/js/esm-test.mjs",
    "CustomMessage": "Can not connect to local server for checking JavaScript modules support"
  },
  "id": "65ad22badfee9"
}

[solracsf]

@susnux should we add a

'nextcloud' => ['allow_local_address' => true]

to the httpClient params?

server/apps/settings/lib/SetupChecks/JavaScriptModules.php

Line 67 in 1612d02

$response = $client->head($testURL, ['connect_timeout' => 10]);

[susnux]

@susnux should we add a

'nextcloud' => ['allow_local_address' => true]

to the httpClient params?

server/apps/settings/lib/SetupChecks/JavaScriptModules.php

Line 67 in 1612d02

$response = $client->head($testURL, ['connect_timeout' => 10]);

Yes! I wonder why it did work when I tested it. This will probably resolve this issue!

[solracsf]

@pandusen please try #42999 and report back if possible.

[rchaconmolero]

In my case, with 'allow_local_address' => true, in config.php does not resolve the problem.

[scttstrck]

Same here. The output of curl shows it being returned as content-type: text/javascript , however I still get the error show. Adding allow_local_address to the config.php does not change anything.

[joshtrichards]

Hi @jameskimmel:

using NGINX as a proxy in front of the apache Nextcloud instance

If you're truly using Nginx in front of Apache, then it sounds like your real issue is that your Apache environment isn't set up to use the distributed .htaccess that comes with each Nextcloud Server release (and automatically updated as needed). It already includes the appropriate configuration for handling mjs files. So you need to isolate what is different about your environment that doesn't match one of the documented installation methods.

Please shift this discussion for deeper troubleshooting to the Help Forum - https://help.nextcloud.com - so that developer inboxes aren't getting filled up with each comment here. :-)

[hendricksond]

HELP, I am also affected by this

1. Please make sure you are not using self signed certificates and your certificates are not expired.

I do not use self-signed certs. My certs are not expired.

2. Make sure you can connect from your web server to your web server, meaning if you have custom DNS then your server must be able to resolve its domain name (one of the `trusted_domains`).

My server can connect to itself.

3. If you use NGinx please read the current [admin documentation](https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html) on how to add `.mjs` support.

I use apache2.

4. You can safely ignore the warning if `curl -I https://DOMAIN/apps/settings/js/esm-test.mjs` shows content type `text/javascript`

curl -I responds correctly from the server itself, so how do I get the warning to go away? I would like it to come back if this configuration breaks for some reason, but always having it there as a false positive is not helpful.

[hardwareadictos]

https://docs.nextcloud.com/server/stable/admin_manual/installation/nginx.html

Just for the ones deploying nextcloud on docker with nginx proxy, just deployed this version of nginx.conf (mine was quite outdated): https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/web/nginx.conf

And error just went away:

Curl without mjs support:

HTTP/2 200 
server: openresty
date: Fri, 09 Feb 2024 11:57:45 GMT
content-type: application/octet-stream
content-length: 109
last-modified: Wed, 07 Feb 2024 13:48:40 GMT
etag: "65c38a38-6d"
referrer-policy: no-referrer
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
accept-ranges: bytes
strict-transport-security: max-age=63072000; preload
x-served-by: xxxx.xxxxx.xxx

Curl with mjs support on nginx:

HTTP/2 200 
server: openresty
date: Fri, 09 Feb 2024 11:51:44 GMT
content-type: text/javascript
content-length: 109
last-modified: Fri, 09 Feb 2024 11:26:37 GMT
etag: "65c60bed-6d"
cache-control: public, max-age=15778463,
accept-ranges: bytes
strict-transport-security: max-age=63072000; preload
x-served-by: xxx.xxxx.xxxx

On my test server Nextcloud general settings doesn't show the issue anymore as you can see on the previous image, on my production server it shows it but when i curl esm-test.mjs it responds correctly:

HTTP/2 200 
server: openresty
date: Fri, 09 Feb 2024 11:51:44 GMT
content-type: text/javascript
content-length: 109
last-modified: Fri, 09 Feb 2024 11:26:37 GMT
etag: "65c60bed-6d"
cache-control: public, max-age=15778463,
accept-ranges: bytes
strict-transport-security: max-age=63072000; preload
x-served-by: xxx.xxxx.xxxx

So i suppose that on PRO all is working fine anyways.

[susnux]

Always remember: Your webserver needs to be able to connect to one of the trusted_domains to make this check work.
Meaning from within your server you need to be able to connect to one of those domains, so the curl needs to be executed from within your docker container or what so ever and the domain needs to be one of the trusted_domains from your Nextcloud config.

If it still happens even if you check the points from above, please open a NEW ticket including LOG ENTRIES for the setupcheck with DEBUG logging enabled.

[molotov44]

I was able to fix the error message; there was still a wrong host entry in /etc/hosts. With "PUBLICIP your.nextcloud.com" the error message has now disappeared. Just a little tip, maybe check the host file :)

[deadmen0]

I was able to fix the error message; there was still a wrong host entry in /etc/hosts. With "PUBLICIP your.nextcloud.com" the error message has now disappeared. Just a little tip, maybe check the host file :)

Yes, if you use Unix with Docker and revers proxy is install in another VM.
Unix where install docker and start NC probably has been the same hostname with PUBLICIP fqdn and NC get ip 127.0.1.1 for curl.
You need change hostname Unix or add in docker NC "echo "PUBLICIP our.nextcloud.com" >> /etc/hosts"

Easy way diagnostic this problem is call "curl -I https://our.nextcloud.com/apps/settings/js/esm-test.mjs" with external VM if you get content-type: text/javascript, you have problem with hosts file.

[allolatr]

The test for .mjs file fails also on a site protected with ssl client certificate, as it cannot use any.

[janipewter]

I have this issue in my Nextcloud due to my setup using Docker containers and reverse proxy, the main URL for the Nextcloud instance is not accessible by the Docker container itself.

root@98dde04210c0:/# curl -I https://my.nextcloud.tld/apps/settings/js/esm-test.mjs
curl: (7) Failed to connect to my.nextcloud.tld port 443 after 3111 ms: Couldn't connect to server

This is because my.nextcloud.tld resolves to the IP address of the reverse proxy in my LAN subnet, which the Nextcloud docker container cannot reach because it does not have access to my LAN. However, the Nextcloud docker can access itself by its container hostname:

root@98dde04210c0:/# curl -I http://nextcloud/apps/settings/js/esm-test.mjs
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Mar 2024 20:28:36 GMT
Content-Type: text/javascript
Content-Length: 109
Last-Modified: Sat, 02 Mar 2024 03:02:18 GMT
Connection: keep-alive
ETag: "65e296ba-6d"
Cache-Control: public, max-age=15778463, 
Accept-Ranges: bytes

Note that this does not have HTTPS though. I tried to add this as a trusted domain in the config in the hope that it might try to use it in the Javascript check but it doesnt:

  'trusted_domains' => 
  array (
    0 => 'nextcloud',
    1 => 'my.nextcloud.tld',
  ),

Is there anything else I can do?

[susnux]

You could set my.nextcloud.tld to resolve to localhost on your docker container (/etc/hosts).
Or try overwrite.cli.url (see admin docs).

[janipewter]

You could set my.nextcloud.tld to resolve to localhost on your docker container (/etc/hosts). Or try overwrite.cli.url (see admin docs).

Thanks, the first option does work, but won't this be overwritten whenever the Docker image is updated? Not a sustainable fix I think.

I already have overwrite cli url set to the public URL of the Nextcloud so I can't change this.

[janipewter]

OK - seems I can add host-specific DNS override for the container with the argument --add-host=my.nextcloud.tld:127.0.0.1

I think this is sufficient to fix the issue

[HH-boncon]

OK - seems I can add host-specific DNS override for the container with the argument --add-host=my.nextcloud.tld:127.0.0.1

I think this is sufficient to fix the issue

Hello everyone.
I'm writing this just to share my solution based on the above post with the sole hope that it may help somebody should they get as stuck as I was.
I realise that the issue doesn't have (probably) much implication on the functionality of nextcloud, but the look of it did really angry me. Mind you that I'm in no way a specialist or a pro, or whatever.
My setup is a docker compose stack like so: caddy (as proxy) -> nginx -> nextcloud-fpm.
The solution that worked for me is adding an extra host in the nextcloud-fpm container like so:

extra hosts:
- "my.nextcloud.tld:ip address of caddy from the docker network" # I have the address set as static. Haven't tried with the service name, perhaps it could work.

In docker it would be something like "--add-host=my.nextcloud.tld:ip address of the proxy", I guess.
If this is a stupid solution in some way that I'm unaware of, please ignore it.

Best

[janipewter]

OK - seems I can add host-specific DNS override for the container with the argument --add-host=my.nextcloud.tld:127.0.0.1
I think this is sufficient to fix the issue

Hello everyone. I'm writing this just to share my solution based on the above post with the sole hope that it may help somebody should they get as stuck as I was. I realise that the issue doesn't have (probably) much implication on the functionality of nextcloud, but the look of it did really angry me. Mind you that I'm in no way a specialist or a pro, or whatever. My setup is a docker compose stack like so: caddy (as proxy) -> nginx -> nextcloud-fpm. The solution that worked for me is adding an extra host in the nextcloud-fpm container like so:

extra hosts: - "my.nextcloud.tld:ip address of caddy from the docker network" # I have the address set as static. Haven't tried with the service name, perhaps it could work.

In docker it would be something like "--add-host=my.nextcloud.tld:ip address of the proxy", I guess. If this is a stupid solution in some way that I'm unaware of, please ignore it.

Best

Hi, have you checked that this fix persists after a reboot? As I believe by default, Docker issues IP addresses in the Docker network randomly, so there is no guarantee your caddy container will get the same Dockernet IP every time.

[HH-boncon]

It does persist a reboot.
As I mentioned, the caddy container has a static ip - I used it to get onlyoffice-ds working under the same caddy (for the automatic ssl certificate).
The whole setup is on its own docker network.
Now I wonder if it would work with the caddy service name instead of ip address.

[MrPenguin07]

Just quickly confirming this on my end.
Haven't had time to fully diagnose yet, however unlike it seems many here my setup differs;
I run nextcloud via turnkey LXC container under proxmox.
Also my container uses haproxy for reverse proxy.

I hope to find time to pin this down and report back in the coming days.

[janipewter]

Just quickly confirming this on my end. Haven't had time to fully diagnose yet, however unlike it seems many here my setup differs; I run nextcloud via turnkey LXC container under proxmox. Also my container uses haproxy for reverse proxy.

I hope to find time to pin this down and report back in the coming days.

Not sure what there is to confirm? This occurs when Nextcloud cannot reach itself by the URL you have configured for it. Considering this is most likely the case in setups where people are using reverse proxies, which you are doing, it's almost certainly the cause of your issue.

[Satalink]

I've noticed
shell: curl -I https://cloud.satalink.net/apps/settings/js/esm-test.mjs gets 400 err response.

browser: https://cloud.satalink.net/apps/settings/js/esm-test.mjs gets
`/**

• This is a dummy file for testing webserver support of JavaScript modules.
  */
  export default 'Hello'`

I'm not doing reverse proxy but wonder if there's a difference between curl and the browser..?

[MrPenguin07]

Just quickly confirming this on my end. Haven't had time to fully diagnose yet, however unlike it seems many here my setup differs; I run nextcloud via turnkey LXC container under proxmox. Also my container uses haproxy for reverse proxy.
I hope to find time to pin this down and report back in the coming days.

Not sure what there is to confirm? This occurs when Nextcloud cannot reach itself by the URL you have configured for it. Considering this is most likely the case in setups where people are using reverse proxies, which you are doing, it's almost certainly the cause of your issue.

Hi,

While you may have found the cause of why this issue occurs in your circumstances, that does not mean it is the source of the issue and the only reason it's triggered. As in the O.P's issue; this occured upon an update of Nextcloud - where the issue was not present previously.

Also being that mine is deployed from turnkey it was/is configured correctly to reach the URL and prior to the update had no issue so let's refrain from jumping to conclusions as to the cause.

Regards

[Satalink]

On my instance, the fix was to disable CloudFlare proxy. The proxy was transforming text/javascript to text/html. There's potentially a "worker" solution for this in CloudFlare, but I did not pursue it.

It is also noteworthy to pay attention to apache <IfModule ...> lines.

Some instances of Apache use <IfModule mod_mime.c> while others use <IfModule mime_module>

[ondrejlohnisky]

Possible solution for nginx.

I am running nextcloud on nginx and updating this part of the nginx nextcloud server config fixed this issue.:

location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;     # Optional: Don't log access to assets

        location ~ \.wasm$ {
            default_type application/wasm;
        }

        location ~ \.mjs$ {
            default_type text/javascript;
        }

    }

I hope it helps someone !

[Danielsc87]

Just in case anyone wants a fix for this error on openLiteSpeed server.
i got this error on fresh install
vultr cyberpanel VPS
openlightspeed server. 1.7.19
Ubuntu 20.04.6 LTS
[Nextcloud Hub 7] (28.0.4)

Go to this folder /usr/local/lsws/conf
edit this file mime.properties, by adding
mjs = application/javascript

Restart server and off you go

[jlhollowell]

Thanks ondrejlohnisky

You're contribution here finally led me to a solution. I had to remove $asset_immutable but doing so finally resolved the issue for me.

location ~ .(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
access_log off; # Optional: Don't log access to assets

    location ~ \.wasm$ {
        default_type application/wasm;
    }

    location ~ \.mjs$ {
        default_type text/javascript;
    }

}

[joshtrichards]

@jlhollowell & @ondrejlohnisky: If adjusting $asset_immutable fixed things for you, please confirm your Nginx config matches our docs and is up-to-date: https://docs.nextcloud.com/server/latest/admin_manual/installation/nginx.html

I've seen some tutorials floating around where people appear to attempt to correct what they thing is a typo in the earlier $asset_immutable definition. But doing that is what breaks the later reference to it. The correct config (full can be pulled from the link just mentioned) is below:

# Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable {
    "" "";
    default ", immutable";
}

[...]

        add_header Cache-Control                     "public, max-age=15778463$asset_immutable";

[Destripador]

Possible solution for nginx.

I am running nextcloud on nginx and updating this part of the nginx nextcloud server config fixed this issue.:

location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463, $asset_immutable";
        access_log off;     # Optional: Don't log access to assets

        location ~ \.wasm$ {
            default_type application/wasm;
        }

        location ~ \.mjs$ {
            default_type text/javascript;
        }

    }

I hope it helps someone !

this fix my problem @ondrejlohnisky thanks