DevHeads.net

Apache allowed OPTIONS

Hi all,

I have setup Webav with apache2.
I am testing the setup on a Debian7 with apache 2.2.22.
Although the webdav is functioning ok I have a third party application that
needs to put files on the webdav folder and before it does that it checks
the available methods that apache allows. This app is not able to operate
since apache does not announce the PUT method.

When I check with curl as below I indeed see that PUT is not listed:

curl -sI -X OPTIONS <a href="http://169.254.254.55/webdav/" title="http://169.254.254.55/webdav/">http://169.254.254.55/webdav/</a>
HTTP/1.1 200 OK
Server: Apache/2.2.22 (Debian)
DAV: 1,2
DAV: <http://apache.org/dav/propset/fs/1>
MS-Author-Via: DAV
Allow: *OPTIONS*
,GET,HEAD,POST,DELETE,TRACE,PROPFIND,PROPPATCH,COPY,MOVE,LOCK,UNLOCK
Content-Length: 0
Content-Type: httpd/unix-directory

I have tested above also with Debian9 with apache2 2.4.25 and no PUT method
is listed.
I have tried several combinations with Limit and LimitExcept to no avail.
The PUT functions correctly if one tries to PUT a file but the issue is
that it is not listed and this breaks the third party app as it is
currently built.

Is there any way to make apache list the PUT options as available?

Thanx for any assistance,
Alex

Comments

Re: Apache allowed OPTIONS

By Nick Kew at 06/14/2018 - 20:21

I doubt it.

I expect PUT to that URL returns 405. The PUT that works for you is to a
different URL, of the form <a href="http://169.254.254.55/webdav/some-file" title="http://169.254.254.55/webdav/some-file">http://169.254.254.55/webdav/some-file</a>

Re: your other post, I'd be mildly surprised if Alias+Directory actually configures DAV:
we conventionally use a <Location> ('cos DAV is a handler, not a map straight to
the filesystem). If you add a breadcrumb (e.g. a Header), do you see it in a PUT?

Re: Apache allowed OPTIONS

By rightkicktech.g... at 06/25/2018 - 09:16

Thanx Nick for the feedback.

Indeed when I change the URL to point to a file then I get the PUT reply:

HTTP/1.1 200 OK
Server: Apache/2.4.25 (Debian)
DAV: 1,2
DAV: <http://apache.org/dav/propset/fs/1>
MS-Author-Via: DAV
Allow: OPTIONS,GET,HEAD,POST,DELETE,TRACE,PROPFIND,PROPPATCH,COPY,MOVE,*PUT*
,LOCK,UNLOCK
Content-Length: 0

I am still through trying to understand why PUT is not listed when querying
a directory. Tried both "Directory" and "Location" directives with no luck.

To cross check the matter I used the <a href="https://github.com/mar10/wsgidav" title="https://github.com/mar10/wsgidav">https://github.com/mar10/wsgidav</a>
project and I got quickly a friendly "PUT" even when the URL is a
directory:

curl -sI -X OPTIONS <a href="http://172.30.0.45:8080/tmp" title="http://172.30.0.45:8080/tmp">http://172.30.0.45:8080/tmp</a>

The reply is as below with PUT being listed although I did not append a
filename in the URL:

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 0
DAV: 1,2
Allow: OPTIONS *PUT* MKCOL
MS-Author-Via: DAV
Server: WsgiDAV/2.4.1 Cheroot/6.3.2 Python/2.7.13

I am not sure what you mean with "add a breadcrumb". I would appreciate if
you can elaborate.

Thanx for any feedback,
Alex

Re: Apache allowed OPTIONS

By Yann Ylavic at 06/13/2018 - 16:08

On Wed, Jun 13, 2018 at 6:18 PM, Alex K < ... at gmail dot com> wrote:
Probaly AllowMethods
(<a href="https://httpd.apache.org/docs/current/en/mod/mod_allowmethods.html#allowmethods" title="https://httpd.apache.org/docs/current/en/mod/mod_allowmethods.html#allowmethods">https://httpd.apache.org/docs/current/en/mod/mod_allowmethods.html#allow...</a>).

Regards,
Yann.

Re: Apache allowed OPTIONS

By rightkicktech.g... at 06/14/2018 - 13:38

Hi,

Thanx for the below.
I tried this approach but still no luck.

I have the following at apache:

DavLockDB /var/www/DavLock

<VirtualHost *:80>
DocumentRoot /var/www/html
ServerAdmin webmaster@localhost

<Directory /var/www/html/>
Options Indexes FollowSymLinks MultiViews
allow from all
</Directory>

Alias /webdav /var/www/html/webdav

<Directory /var/www/html/webdav>
AllowMethods PUT GET POST GET HEAD POST DELETE TRACE
PROPFIND PROPPATCH COPY MOVE LOCK UNLOCK OPTIONS
AllowOverride All
DAV On
AuthType Basic
AuthName "webdav"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
# allow from all
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Using cadaver client I am able to list, upload and delete files.

When checking with curl I still see the PUT method not advertised. Is this
normal that apache will never say it has PUT?

curl -sI -X OPTIONS <a href="http://169.254.254.55/webdav/" title="http://169.254.254.55/webdav/">http://169.254.254.55/webdav/</a>
HTTP/1.1 200 OK
Server: Apache/2.2.22 (Debian)
DAV: 1,2
DAV: <http://apache.org/dav/propset/fs/1>
MS-Author-Via: DAV
Allow:
OPTIONS,GET,HEAD,POST,DELETE,TRACE,PROPFIND,PROPPATCH,COPY,MOVE,LOCK,UNLOCK
Content-Length: 0
Content-Type: httpd/unix-directory

Thanx,
Alex