WebDav method OPTIONS fail with "400 Bad Request"

[Geraldf]

I try to use the webdav npm package https://www.npmjs.com/package/webdav to access next cloud via webdav. This package claims to work with nextcloud.

When I call the nextcloud wendav interface the package make an HTTP OPTIONS method, on which nextcloud replies with 400 Bad Request.

here is some Wireshark trace showing the request and the response.

the code which is doing the request is:
` const client = createClient(
process.env.WEBDAV_URL,
{
username: process.env.NEXTCLOUD_USER,
password: process.env.NEXTCLOUD_PASSWORD,
},
// Get directory contents

  // Outputs a structure like:
  // [{
  //     filename: "/my-file.txt",
  //     basename: "my-file.txt",
  //     lastmod: "Mon, 10 Oct 2018 23:24:11 GMT",
  //     size: 371,
  //     type: "file"
  // }]
);
client.getDirectoryContents('/').then(function(contents) {
  console.log(JSON.stringify(contents, undefined, 4));
});`

I am using nextcloud 14.0,.3

[nextcloud-bot]

GitMate.io thinks possibly related issues are #3738 (Webdav), #4199 (Error 400 - WebSockets for Bad Request), #10505 (Bulk import of about 400 randomly fails), #1814 (DEVONthink + WebDAV not working (400)), and #6026 (User Provisioning API request fails with "Bad request").

[Geraldf]

I solved my reported issue.
the reason for the "400 bad request" was that I was calling the URL, which was not part of the trusted_domains entries in the config/config.php file.
after adding the domain there, the 400-error disappeared.

the remaing CORS error I did get, I could solve by adding the following to the Apache conf file,

Header set Access-Control-Allow-Origin '*'
Header set Access-Control-Allow-Methods 'OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT'
Header set Access-Control-Allow-Headers 'Authorization, Depth'