Hi,
I have set up mattermost as a docker container on my Synology NAS. I have also set up my fqdn mm.example.com as a DDNS entry in Synology and I am using Synology Reverse Proxy to point back to the local host to the mattermost port. Everything is working fine except for CORS.
What I am trying to do, is within nextcloud (example fqdn: cloud.example.com) I have the external links add on. I have created an entry for mattermost. This adds a button in the nav for mattermost. Its supposed to open it as an iFrame.
I am seeing the NS_ERROR_FRAME_ANCESTOR_VIOLATION error along with this from the console:
Content-Security-Policy: The page’s settings blocked the loading of a resource (frame-ancestors) at because it violates the following directive: “frame-ancestors ‘self’ https://teams.microsoft.com”
Here is my current headers for cloud.example.com:
Here is my current headers for mm.example.com:
###Mattermost logs can be found here: mattermost_cors.log - Google Drive
###Har logs can be found here: mattermost_cors.har - Google Drive
I am at my wits end. I believe the headers are corrrect, especially the csp header but its not changing it. It still stuck on default. Any help will be much appreciated. Thanks.