WebDAV Config

antelle edited this page May 13, 2018 · 25 revisions

To load a WebDAV-located file from the web app, CORS must be enabled on your server.

❗ OPTIONS request must work without authorization.

Here's a config example:

For Apache:

RewriteEngine on
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ blank.html [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}]

<Directory "/path/to/your/directory">
  AuthType "Basic"
  AuthName "Password Manager"
  AuthBasicProvider file
  AuthUserFile "/your/htpasswd.file"
  Require user someuser

  DAV On
  Options Indexes
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Headers "origin, content-type, cache-control, accept, authorization, if-match, destination, overwrite"
  Header always set Access-Control-Expose-Headers "ETag"
  Header always set Access-Control-Allow-Methods "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK"
  Header always set Access-Control-Allow-Credentials "true"
</Directory>

For nginx:

add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK' always;
add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Accept-Charset,X-Accept,origin,accept,if-match,destination,overwrite' always;
add_header 'Access-Control-Expose-Headers' 'ETag' always;
add_header 'Access-Control-Max-Age' 1728000 always;
if ($request_method = 'OPTIONS') {
  add_header 'Content-Type' 'text/plain charset=UTF-8';
  add_header 'Content-Length' 0;
  add_header 'Access-Control-Allow-Origin' '*';
  add_header 'Access-Control-Allow-Credentials' 'true';
  add_header 'Access-Control-Allow-Methods' 'GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK';
  add_header 'Access-Control-Allow-Headers' 'Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Accept-Charset,X-Accept,origin,accept,if-match,destination,overwrite';
  add_header 'Access-Control-Expose-Headers' 'ETag';
  add_header 'Access-Control-Max-Age' 1728000;
  return 204;
}

For caddy:

your.domain.com {
  basicauth /realurl user password
  webdav /realurl {
    scope /diskpath
  }
  cors / {
    origin *
    methods GET,HEAD,POST,PUT,OPTIONS,MOVE,DELETE,COPY,LOCK,UNLOCK,PROPFIND,MKCOL
    allow_credentials true
    max_age 1728000
    allowed_headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Accept-Charset,X-Accept,origin,accept,if-match,destination,overwrite
    exposed_headers ETag
  }
  rewrite /fake_url_for_kbdx  {
    if {method} not_is OPTIONS
    to /realurl/{path}
  }
  log /diskpathtolog
  errors /diskpathtoerrorlog
}

If you want KeeWeb to write files with PUT, instead of moving temporary file, you can change it with a switch in Settings → General.

Custom certificates

If your WebDAV server is using a self-signed or invalid certificate, you can use this command to open files in KeeWeb desktop app:

certutil -d sql:$HOME/.pki/nssdb -A -t TC -n "my_domain.lan" -i ~/ca.crt

On Windows, adding your CA to trusted certificates storage may help.

IMAP mailbox backups

It's possible to backup files to your IMAP mailbox using mailbox-backup proxy (warning: this project is in beta for now).

Synology

You can find some information in this issue.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.