Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LOCK method with Timeout: header containing more than one Timetype value results in 400 Bad Request #178

Closed
evert opened this issue Oct 14, 2012 · 1 comment
Closed

LOCK method with Timeout: header containing more than one Timetype value results in 400 Bad Request #178

evert opened this issue Oct 14, 2012 · 1 comment
Labels
bug documentation

Comments

@evert
Copy link
Member

evert commented Oct 14, 2012

Original author: ipqu...@gmail.com (October 19, 2010 15:10:29)

What steps will reproduce the problem?

  1. Issue a LOCK request like this one:
    LOCK /dav/testdata/copied/exists1.txt HTTP/1.1
    X-Daydream-Test: LOCK a resource with two Timetype values
    Host: calendars
    Depth: 0
    Timeout: Infinite, Second-4100000000
    Authorization: Basic amFja2M6YmVydGhh
    Content-Length: 205

<D:lockinfo xmlns:D='DAV:'>
<D:lockscope><D:exclusive/></D:lockscope>
<D:locktype><D:write/></D:locktype>
<D:owner>
<D:href>http://dav/principals/jackc&lt;/D:href>
</D:owner>
</D:lockinfo>

2.
3.

What is the expected output?
The LOCK request should succeed (or fail for some other reason), because the Timeout header is not invalid.

What do you see instead?
HTTP/1.1 400 Bad request
Date: Tue, 19 Oct 2010 14:55:01 GMT
Server: Apache/2.2.14 (Debian)
X-Powered-By: PHP/5.3.2-2
Content-Length: 270
Connection: close
Content-Type: application/xml; charset=utf-8

<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
<s:exception>Sabre_DAV_Exception_BadRequest</s:exception>
<s:message>Invalid HTTP timeout header</s:message>
<s:sabredav-version>1.3.0</s:sabredav-version>
</d:error>

What version of the product are you using?
1.3.0

What client software are you using?
Custom Java test-rig

Please provide any additional information below.
See http://tools.ietf.org/html/rfc4918#section-9.10.9 (example):
"In this request, the client has
specified that it desires an infinite-length lock, if available,
otherwise a timeout of 4.1 billion seconds, if available."

See http://tools.ietf.org/html/rfc4918#section-10.7:
"TimeOut = "Timeout" ":" 1#TimeType" (i.e. one or more of TimeType)

Original issue: http://code.google.com/p/sabredav/issues/detail?id=98
@risacher
Copy link
Contributor

I reproduced this with davclient.js (http://debris.demon.nl/javascript/) and ownCloud (based on SabreDAV).

Seems a shame, since all the examples in the RFC use this exact format, i.e. Timeout: Infinite, Second-4100000000

risacher added a commit to risacher/sabre-dav that referenced this issue Dec 27, 2013
@risacher
Fix issue sabre-io#178
866f2b9 
This change allows a lock timout header to have multiple values, per RFC 4918 section 10.7.
All but the first value are ignored.
evert added a commit that referenced this issue Jan 8, 2014
@evert
Merge pull request #395 from risacher/lock-timeout
d080127 
Fix issue #178
evert added a commit that referenced this issue Jan 8, 2014
@evert
Unittest for Issue #178, #395.
b2582b8
@evert evert closed this as completed Jan 8, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@evert @risacher