You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2013/05/01 00:20:51 UTC

[Bug 54914] New: mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

            Bug ID: 54914
           Summary: mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE
                    / MOVE
           Product: Apache httpd-2
           Version: 2.5-HEAD
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_dir
          Assignee: bugs@httpd.apache.org
          Reporter: wiml@omnigroup.com
    Classification: Unclassified

If a collection in a WebDAV-enabled area contains an index.html (or whatever
filename is specified in DirectoryIndex) then it becomes impossible to use
WebDAV methods on that collection: you cannot PROPFIND it, MOVE it, DELETE it,
etc. All of these result in a 405 Method Not Allowed error.

e.g., this series of operations, starting from an empty directory "/wiml":


MKCOL /wiml/bugzillaPF/ --> 201 Created
MKCOL /wiml/bugzillaPF/testcollxn --> 201 Created
PROPFIND /wiml/bugzillaPF/ --> 207 Multi-Status
PROPFIND /wiml/bugzillaPF/testcollxn/ --> 207 Multi-Status
PUT /wiml/bugzillaPF/testcollxn/index.html --> 201 Created
PROPFIND /wiml/bugzillaPF/ --> 207 Multi-Status
PROPFIND /wiml/bugzillaPF/testcollxn/ --> 405 Method Not Allowed
DELETE /wiml/bugzillaPF/testcollxn/ --> 405 Method Not Allowed


Notice that before index.html is written, it is possible to PROPFIND the
testcollxn collection. Afterwards, that method results in an error. It's still
possible to see the testcollxn by calling PROPFIND on its parent with Depth:1,
though (and its resourcetype is <collection>, so one would expect to be able to
issue other DAV requests against it).

DELETE and MOVE suffer similarly.

Setting DirectoryIndex to 'disabled' fixes the problem (at the cost of
disabling directory indexes...). This shouldn't be necessary, as RFC4918
explicitly calls out the possibility that a collection resource can also have a
GETtable entity in addition to its collection-nature.

Also oddly, the error text returned for a PROPFIND on
/wiml/bugzillaPF/testcollxn/ is "The requested method GET is not allowed for
the URL /wiml/bugzillaPF/testcollxn/index.html." --- note that neither the
method nor the URL mentioned in the response correspond to those in the request
--- which is doubly unexpected because GET *is* allowed (and works fine) on
that URL. In fact, PROPFIND is also allowed on that URL. Just not on
"testcollxn".

The (mis)behavior is the same in httpd-2.4.4 and in 2.5.0-dev r1477687.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 54914] mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

--- Comment #3 from Sergey Dorofeev <se...@fidoman.ru> ---
Workaround:

Add to webdav location

<Limit PROPFIND>
DirectoryIndex never-encounterable-file-name.html
</Limit>

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 54914] mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

--- Comment #2 from Chris Darroch <ch...@pearsoncmg.com> ---
I haven't proposed this patch for backport to 2.4.x yet because it doesn't deal
with OPTIONS, and I don't yet have a solid proposal on that front.

With 2.2.x and 2.4.x, OPTIONS on a directory (e.g., "OPTIONS / HTTP/1.0") would
return variable Content-Type response header values, depending on whether a
DirectoryIndex file was found by mod_dir.  If found, the Content-Type was
derived from the index file (e.g., text/plain or text/html).  If not found, the
supposedly internal MIME type httpd/unix-directory is returned (which is
arguably an error, but a long-standing one).

With this patch, httpd/unix-directory is always returned, even if a
DirectoryIndex file exists.

Personally, I think it would be preferable to either:

a) Restore (in trunk) the long-standing but arguably incorrect behaviour in
which httpd/unix-directory is only returned if no DirectoryIndex file is found,
or

b) Adjust mod_dir and/or other modules so that httpd/unix-directory is never
returned (e.g., by not returning Content-Type at all when r->content_type is
set to an internal MIME type).

While (a) might be the "safer" option, it may also may be harder or uglier to
implement, with additional workarounds for the fact that r233369 (PR 25435)
ended up breaking a number of other standard behaviours (e.g., PR 53794).

This is because that change (r233369) lets mod_dir proceed with its internal
redirect to the DirectoryIndex file, as if it was always the canonical handler
for the request, but retains some aspects of the original request, like the
method and original handler setting.  When the original handler was never set,
or can work equally well with a directory as with an index file, there's no
problem; indeed, it can be a feature.  (This is what the reporter of PR 25435
wanted for their mod_perl setup.)  But when the original handler is set and the
system is not expecting to have the request rewritten to point to an index file
(e.g., mod_dav, mod_rewrite), things go awry.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 54914] mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

--- Comment #5 from Brian Schubert <sc...@waksman.rutgers.edu> ---
(In reply to Dabe Murphy from comment #4)
> FWIW, this workaround doesn't work for me (2.4.7-1ubuntu4.1 trusty).
> 
> WebDAV works, yes, but it breaks the directory indexing for normal requests
> -- GETs and all.  Maybe that's a /different/ bug, I dunno...  :-(

Same problem exists for me on Scientific Linux 7.0, httpd-2.4.6-18.sl7.x86_64

> 
> Also, RE: Backporting to 2.4...  Even though the patch above doesn't solve
> the WHOLE problem (i.e., the OPTIONS method) if fixing only PROPFIND is
> enough to "un-break" WebDAV, it's worth it, IMHO.

I agree. In this case I think backporting the fix would be worthwhile to most
users even if the whole OPTIONS issue is not addressed at this time.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 54914] mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

--- Comment #1 from Chris Darroch <ch...@pearsoncmg.com> ---
Fixed on trunk with r1561447.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org

[Bug 54914] mod_dir DirectoryIndex breaks WebDAV PROPFIND / DELETE / MOVE

Posted by bu...@apache.org.

https://issues.apache.org/bugzilla/show_bug.cgi?id=54914

--- Comment #4 from Dabe Murphy <da...@dabe.com> ---
(In reply to Sergey Dorofeev from comment #3)
> Workaround:
> 
> Add to webdav location
> 
> <Limit PROPFIND>
> DirectoryIndex never-encounterable-file-name.html
> </Limit>

FWIW, this workaround doesn't work for me (2.4.7-1ubuntu4.1 trusty).

WebDAV works, yes, but it breaks the directory indexing for normal requests --
GETs and all.  Maybe that's a /different/ bug, I dunno...  :-(


Also, RE: Backporting to 2.4...  Even though the patch above doesn't solve the
WHOLE problem (i.e., the OPTIONS method) if fixing only PROPFIND is enough to
"un-break" WebDAV, it's worth it, IMHO.

Like we say at $WORK: "If it's stupid, BUT IT WORKS, it isn't stupid."  (Also:
"Just because you can't do /everything/ doesn't mean you shouldn't do
*ANYTHING*")


My two cents (and upvote)...

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org