Hello everyone,
Im using Owncloud on a raspberry pi with apache2.4+mariadb+php7.
When i try to upload a file >10kb with the owncloud webinterface, the page reloads and the owncloud log says:
$this->bbcode_second_pass_code('', 'Upload error: 3 - Die Datei konnte nur teilweise \u00fcbertragen werden (translation: file only partially uploaded)
')
In the apache log there's the error
$this->bbcode_second_pass_code('', ' AH01630: client denied by server configuration: /usr/share/webapps/owncloud/data/.ocdata
')
And in the Chromium Javascript console I get
$this->bbcode_second_pass_code('', '
POST https://MyServerurl/owncloud/index.php/apps/files/ajax/upload.php net::ERR_SPDY_PROTOCOL_ERROR
Navigated to https://MyServerurl/owncloud/index.php/apps/files/')
I filed an Issue with owncloud and got the answer that its probaby a config issue (for some details on my server see the link)
https://github.com/owncloud/core/issues/25285
The problem is that i cant find the cause of the error.
(for privacy reasons, i replaced my server url with MyDomain )
/etc/httpd/conf/httpd.conf
$this->bbcode_second_pass_code('', '# Security
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
Header set X-Frame-Options: "deny"
Header set X-XSS-Protection: "1; mode=block"
Header set X-Content-Type-Options: "nosniff"
Header unset X-WebKit-CSP
Header set X-WebKit-CSP: "default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' MyDomain 'unsafe-inline' 'unsafe-eval'"
Header set X-Permitted-Cross-Domain-Policies: "master-only"
Header unset X-Content-Security-Policy
Header always set X-Content-Security-Policy "default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' MyDomain 'unsafe-inline' 'unsafe-eval'"
Header unset Content-Security-Policy
Header always set Content-Security-Policy "default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' MyDomain 'unsafe-inline' 'unsafe-eval'"
Header unset Server
Header unset X-Powered-By
# http->https
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/%$1 [R,L]
# no indexes
<Directory /srv/http>
Options FollowSymLinks
AllowOverride None
</Directory>
Options -Indexes')
/etc/httpd/conf/extra/owncloud.conf
$this->bbcode_second_pass_code('', '<IfModule mod_alias.c>
Alias /owncloud "/usr/share/webapps/owncloud/"
</IfModule>
<Directory /usr/share/webapps/owncloud/>
Header append Vary User-Agent env=!dont-vary
Options All
AllowOverride All
Require all granted
php_admin_value open_basedir "/srv/http/:/tmp/:/usr/share/pear/:/usr/share/webapps/owncloud/:/etc/webapps/owncloud/:/dev/urandom"
AddOutputFilterByType DEFLATE text/html text/xml text/plain text/css text/javascript application/javascript
SetOutputFilter DEFLATE
SetEnv HOME /usr/share/webapps/owncloud
SetEnv HTTP_HOME /usr/share/webapps/owncloud
SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
Header set X-Frame-Options: deny
Header set X-XSS-Protection: "1; mode=block"
Header set X-Content-Type-Options: nosniff
Header set X-WebKit-CSP: "default-src 'self'; script-src 'self' MyDomain 'unsafe-eval' 'unsafe-inline'"
Header set X-Permitted-Cross-Domain-Policies: "master-only"
Header always set Content-Security-Policy "default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' MyDomain 'unsafe-inline' 'unsafe-eval'"
</Directory>
<IfModule mod_dav.c>
Dav off
</IfModule>')