Title: Fixing "Access forbidden State token does not match" on Nextcloud's Android client
Date: 2021-05-28 22:30

I recently deployed [Nextcloud](https://nextcloud.com/), and while everything
was more or less working out of the box,
the [Android application](https://apps.nextcloud.com/apps/android_nextcloud_app)
didn't want to let me log in at all: it kept hitting a
[http 303](https://en.wikipedia.org/wiki/HTTP_303) and showing me an `Access
forbidden State token does not match` error.

After having had a *ton of fun* debugging it, here is the summary:
I'm using a reverse-proxy in front on my instance,
with `'overwrite.cli.url' => 'http://cloud.dustri.org'` and `'overwriteprotocol' => 'https'`
in my Nextcloud's `config/config.php`, and it seems that I forgot to pass the correct™ headers
through my reverse-proxy. Throwing the following lines into your nginx
configuration should fix the issue:

```nginx
location / {
	proxy_set_header Host              $http_host;
	proxy_set_header X-Real-IP         $remote_addr;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

	// […]
}
```