Nextcloud behind reverse proxy - WOPI URL changed from https to http

Posted by crox on Wednesday, March 5. 2025

I'm trying out the "Nextcloud Office" app together with "Collabora Online - Built-in CODE Server". That Nextcloud instance is behind a reverse proxy.

The problem I encountered was that regardless of the 'overwritehost' and 'overwriteprotocol' settings, the WOPI URL kept being automatically changed from https to http.

From other posts regarding similar issues I figured out that the WOPI URL is obtained by querying https://[yourinstance]/apps/richdocumentscode/proxy.php?req=/hosting/discovery

Looking at the proxy.php source code, I found the reason for the issue:

// URL into this server of the proxy script.
if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
        || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' )
        || (isset($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] === 'on')
) { 
    $proxyURL = "https://";
} else {
    $proxyURL = "http://";
}

I then modified my reverse proxy (Apache) config to add the missing header:

RequestHeader set X-Forwarded-Proto "https"

Now everything works as expected

Trackbacks

Trackback specific URI for this entry

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Name

Homepage

Comment

In reply to

Phone*

What is five plus two?

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.

Standard emoticons like :-) and ;-) are converted to images.

E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA