Skip to content

404 on /apps/files/directEditing/{token} redemption in NC 34, breaks document editing from iOS app #61487

Open
Open
404 on /apps/files/directEditing/{token} redemption in NC 34, breaks document editing from iOS app#61487
@anym001

Description

@anym001
anym001
opened on Jun 22, 2026

Summary

GET /apps/files/directEditing/{token} returns a 404 (Nextcloud's standard 404 page) immediately after a token is successfully created via POST /ocs/v2.php/apps/richdocuments/api/v1/document, when opening a document for editing from the official iOS app. This happens regardless of which office backend is configured (reproduced identically with both Collabora/richdocuments and Euro-Office/documentserver as the editor backend), which suggests the issue is in Nextcloud core's Direct Editing token redirect, not in the office app itself.

Steps to reproduce

  1. Set up Nextcloud Office (Collabora or Euro-Office) with a working, reachable document server (connection test passes, editing works fine via desktop browser).
  2. Open the Nextcloud iOS app, sign in, browse to a file (e.g. .xlsx or .docx).
  3. Tap the file to open it for editing.

Expected behaviour

The app opens the Direct Editing link and loads the document editor.

Actual behaviour

The app shows Nextcloud's own "Page not found" screen. Editing the same file via desktop browser (logging in through Safari/Chrome directly, not through the app's embedded view) works without any problem.

Server log evidence (access log)

POST /ocs/v2.php/apps/richdocuments/api/v1/document HTTP/1.1" 200 908 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/33.0.8"
GET /apps/files/directEditing/{token} HTTP/1.1" 404 29518 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/33.0.8"

The token-creation call succeeds (200), but the very next request to redeem that token via the Direct Editing URL returns a 404 with the size of Nextcloud's themed 404 page (29518 bytes), not a routing-level/webserver-level 404.

Environment

  • Nextcloud Server: 34.0.0.12 (fresh install on this major version, i.e. Hub 26 Spring)
  • Nextcloud iOS app: 33.0.8
  • Reverse proxy: nginx (SWAG/linuxserver.io), TLS terminated at proxy, overwriteprotocol, overwritehost, overwrite.cli.url and trusted_proxies correctly configured in config.php
  • Office backend tested: both richdocuments (Collabora Online, CODE 26.04.1.4) and a Euro-Office DocumentServer instance — same 404 behaviour with both
  • Desktop browser editing (same user, same files): works without issues
  • trusted_domains/trusted_proxies confirmed correct; capabilities check for Office is green ("Collabora Online Server ist erreichbar")

Additional notes

  • The fclose(): supplied resource is not a valid stream resource exception in richdocuments's RemoteService::convertFileTo() (thumbnail generation) appears in the logs around the same time but seems to be a separate, unrelated issue (thumbnail generation failing does not block editing).
  • Since the failure occurs at the files app's Direct Editing token redemption endpoint and is reproducible with two unrelated office backends, the office app/backend can likely be ruled out as the cause.

occ config:list system

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379,
            "dbindex": 0,
            "timeout": 1.5
        },
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "serverid": 0,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.mydomain.at"
        ],
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/cloud.mydomain.at",
        "overwritehost": "cloud.mydomain.at",
        "overwriteprotocol": "https",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "34.0.0.12",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_sendmailmode": "smtp",
        "mail_smtpport": "465",
        "mail_smtpsecure": "ssl",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpauth": 1,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "theme": "",
        "log_type": "file",
        "logfile": "\/var\/log\/nextcloud.log",
        "loglevel": 2,
        "log_rotate_size": 20971520,
        "maintenance": false,
        "maintenance_window_start": 1,
        "trashbin_retention_obligation": "auto,14",
        "versions_retention_obligation": "auto,30",
        "activity_expire_days": 30,
        "filesystem_check_changes": 1,
        "filelocking.enabled": "true",
        "integrity.check.disabled": false,
        "default_language": "de",
        "default_locale": "de_AT",
        "default_phone_region": "AT",
        "enable_previews": true,
        "enabledPreviewProviders": [
            "OC\\Preview\\Image",
            "OC\\Preview\\HEIC",
            "OC\\Preview\\TIFF",
            "OC\\Preview\\Movie",
            "OC\\Preview\\MKV",
            "OC\\Preview\\MP4",
            "OC\\Preview\\AVI"
        ],
        "preview_max_x": 2048,
        "preview_max_y": 2048,
        "jpeg_quality": 60,
        "preview_concurrency_all": 8,
        "preview_concurrency_new": 4,
        "preview_max_memory": 256,
        "preview_imaginary_url": "***REMOVED SENSITIVE VALUE***",
        "app_install_overwrite": [
            "memories",
            "previewgenerator"
        ],
        "memories.exiftool": "\/var\/www\/html\/custom_apps\/memories\/bin-ext\/exiftool-amd64-glibc",
        "memories.vod.path": "\/var\/www\/html\/custom_apps\/memories\/bin-ext\/go-vod-amd64",
        "memories.vod.ffmpeg": "\/usr\/bin\/ffmpeg",
        "memories.vod.ffprobe": "\/usr\/bin\/ffprobe",
        "memories.vod.qf": 22,
        "memories.gis_type": 1,
        "memories.db.triggers.fcu": true,
        "upgrade.disable-web": true,
        "memories.exiftool_no_local": true,
        "files.chunked_upload.max_size": 52428800,
        "memories.index.path.blacklist": "\\\/(@(Recycle|eaDir)|admin)\\\/",
        "config_preset": 2,
        "allow_local_remote_servers": true
    }
}

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    🧑‍🤝‍🧑 Community triage
    Status
    To triage

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions