sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-08 16:49:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

[GH-ISSUE #221] DAV server compatible with keeweb #113

New Issue
Closed
opened 2026-04-08 16:50:25 +03:00 by zhus · 1 comment
zhus commented 2026-04-08 16:50:25 +03:00
Owner
Copy Link

Originally created by @perrinjerome on GitHub (Jun 2, 2023).
Original GitHub issue: https://github.com/sigoden/dufs/issues/221

Specific Demand

https://github.com/keeweb/keeweb / https://app.keeweb.info/ is a popular web based password manager that can use WebDAV to store password databases files. This cannot be used with dufs as webdav server because of some CORS error.

The first error is that keeweb sends Cache-Control: no-cache header ( here ) and this header is not allowed by the Access-Control-Allow-Headers from dufs. For reference, they are set here

1112b936b8/src/server.rs (L1291-L1294)

Another error is during saving, keeweb makes a PUT and then a MOVE request, with the Overwrite header set. This is done here by keeweb. This Overwrite header is part of webdav spec ( http://www.webdav.org/specs/rfc2518.html#HEADER_Overwrite ) and this seems a bug that dufs does not allow it.

Note that to be used with keeweb, dufs must be running with --auth-method basic because keeweb only uses basic (here.

Implement Suggestion

Change Access-Control-Allow-Headers to allow Cache-Control and Overwrite.

Allowing Overwrite seems natural because it is part of WebDav.
Allowing Cache-Control is maybe not universally used, but I don't think it's harmful to allow it and this seems "future proof", because the spec recommend using it with If header in http://www.webdav.org/specs/rfc2518.html#n-if-header-and-non-dav-compliant-proxies .

I'm sending a pull request if you think this makes sense.

Originally created by @perrinjerome on GitHub (Jun 2, 2023). Original GitHub issue: https://github.com/sigoden/dufs/issues/221 ## Specific Demand <!-- What feature do you need, please describe it in detail. --> https://github.com/keeweb/keeweb / https://app.keeweb.info/ is a popular web based password manager that can use WebDAV to store password databases files. This cannot be used with dufs as webdav server because of some CORS error. The first error is that keeweb sends `Cache-Control: no-cache` header ( [here](https://github.com/keeweb/keeweb/blob/e6df216291b9b5322049a11fe1301a2089679483/app/scripts/storage/impl/storage-webdav.js#L379) ) and this header is not allowed by the `Access-Control-Allow-Headers` from dufs. For reference, they are set here https://github.com/sigoden/dufs/blob/1112b936b80058574033243d83b916a02139f5da/src/server.rs#L1291-L1294 Another error is during saving, keeweb makes a `PUT` and then a `MOVE` request, with the `Overwrite` header set. This is done [here](https://github.com/keeweb/keeweb/blob/e6df216291b9b5322049a11fe1301a2089679483/app/scripts/storage/impl/storage-webdav.js#L216-L227) by keeweb. This `Overwrite` header is part of webdav spec ( http://www.webdav.org/specs/rfc2518.html#HEADER_Overwrite ) and this seems a bug that dufs does not allow it. Note that to be used with keeweb, dufs must be running with `--auth-method basic` because keeweb only uses basic ([here](https://github.com/keeweb/keeweb/blob/e6df216291b9b5322049a11fe1301a2089679483/app/scripts/storage/impl/storage-webdav.js#L370). ## Implement Suggestion Change `Access-Control-Allow-Headers` to allow `Cache-Control` and `Overwrite`. Allowing `Overwrite` seems natural because it is part of WebDav. Allowing `Cache-Control` is maybe not universally used, but I don't think it's harmful to allow it and this seems "future proof", because the spec recommend using it with `If` header in http://www.webdav.org/specs/rfc2518.html#n-if-header-and-non-dav-compliant-proxies . I'm sending a pull request if you think this makes sense.
zhus closed this issue 2026-04-08 16:50:25 +03:00
zhus commented 2026-04-08 16:50:26 +03:00
Author
Owner
Copy Link

@perrinjerome commented on GitHub (Jun 2, 2023):

I can confirm that with 0.34.1 using with keeweb works fine. Thanks a lot @sigoden

<!-- gh-comment-id:1573807104 --> @perrinjerome commented on GitHub (Jun 2, 2023): I can confirm that with 0.34.1 using with keeweb works fine. Thanks a lot @sigoden
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zhus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sigoden/dufs#113
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?