New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Malformed user agent for WebDav with NextCloud 11 #492

Closed
florian434 opened this Issue Jan 17, 2017 · 6 comments

Comments

Projects
None yet
5 participants
@florian434
Copy link

florian434 commented Jan 17, 2017

Thanks for taking the time to contribute!

Please, read https://github.com/keeweb/keeweb/wiki/FAQ before submitting a new issue and fill in the following (if applicable):

  • what were your actions?
    I am trying to get Webdav access working between Keeweb Client and my NextCloud 11 Server.

If I try this workaroud from NextCloud it is working : https://github.com/nextcloud/server/pull/1328/files

But I need to do this a every update.

  • what was wrong?
    Keeweb Client returns a HTTP Error 503.

  • app version
    KeeWeb v1.3.3 (52701af, 2016-09-20)

  • your user-agent (from Settings/Help section)
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) KeeWeb/1.3.3 Chrome/52.0.2743.82 Electron/1.3.3 Safari/537.36

  • does it happen on Demo or New database?
    Yes

  • if you are using a test db without your personal data, please attach it

  • please, open dev tools in your browser and attach output log from Console tab
    (if you are using desktop app, devtools can be opened from Settings/General/Advanced)

2017-01-17T08:55:09.455Z [sync:Database XX_V2] Found new version, loading from storage
index.html:13 2017-01-17T08:55:09.456Z [sync:Database XX_V2] Load from storage, attempt 1
index.html:13 2017-01-17T08:55:09.457Z [storage-webdav] Load https://XXX/remote.php/webdav/XX/Database XX_V2.kdbx
index.html:19 GET https://XX/remote.php/webdav/XX/Database%20XX_V2.kdbx 503 (Service Unavailable)_request @ index.html:19load @ index.html:19s @ index.html:18(anonymous function) @ index.html:18(anonymous function) @ index.html:19(anonymous function) @ index.html:19
index.html:13 2017-01-17T08:55:09.484Z [storage-webdav] Load error https://XX/remote.php/webdav/XX/Database XX_V2.kdbx 503 27ms
index.html:13 2017-01-17T08:55:09.485Z [sync:Database XX_V2] Load from storage undefined HTTP status 503
index.html:13 2017-01-17T08:55:09.486Z [sync:Database XX_V2] Sync finished HTTP status 503

@kasoban

This comment has been minimized.

Copy link
Contributor

kasoban commented Jan 17, 2017

Looking at the NextCloud tickets created about this issue and their past approach of listing selective user-agents as "unsupported", I'd say this is more of a problem on the NextCloud side of things than keeweb.
Relying on user-agent string content for verification or actual functionality is a bit of a failed design IMHO...

Unfortunately I think there's no immediate solution for you besides continuing to exempt the keeweb user-agent string from the NextCloud security checks, as it's not even clear to me what NextCloud would expect the user-agent string to look like instead?

Related information:
https://help.nextcloud.com/t/nc11-webdav-for-keeweb/6481
nextcloud/server#1593
nextcloud/server#1601

@antelle antelle added this to the Future milestone Jan 17, 2017

@antelle

This comment has been minimized.

Copy link
Member

antelle commented Jan 17, 2017

I agree with @kasoban , it looks like, we cannot fix it on our side.

@Chluz

This comment has been minimized.

Copy link

Chluz commented Jan 29, 2017

For those who would like to add the exception manually to the nextcloud base.php file, as mentioned by @florian434 , I made the folloying change to lib/base.php, from

             $incompatibleUserAgents = [
                        // OS X Finder
                        '/^WebDAVFS/',
                ];

to

             $incompatibleUserAgents = [
                        // OS X Finder
                        '/^WebDAVFS/',
                        // KeeWeb client
                        '/KeeWeb\/\d[.]\d[.]\d/',
                ];

This will need to be applied for every update of Nextcloud until/if this change gets merged

@florian434

This comment has been minimized.

Copy link

florian434 commented Jan 30, 2017

Thanks, it is working.

@antelle

This comment has been minimized.

Copy link
Member

antelle commented May 20, 2017

We cannot do anything in keeweb, closing.

@Holi0317

This comment has been minimized.

Copy link

Holi0317 commented Sep 4, 2018

Seems that there is a patch coming in NextCloud 14.0 and we could set $incompatibleUserAgents using config.php, at csrf.optout configuration key.

No need to edit base.php in the coming updates. 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment