fix: Handle Depth header for COPY as this is required by RFC
#1495
Conversation
|
ping again, also cc @phil-davis Would be great to get this fixed so sabre passes the litmus test v15 ( https://github.com/notroj/litmus previously http://www.webdav.org/neon/litmus/ ) |
|
Anything I can help with to get this reviewed? (I do not want to bug you but this would be a great to get fixed :) ). |
|
I miss the ci status - what's going on here? |
@susnux can I ask you to rebase this pull request ... THX |
susnux
force-pushed
the
fix/handle-depth
branch
from
1076773 to
069c16d
Compare
@DeepDiver1975 sure, done! Noticed I had some code style issues / compatibility issues because I was using PHP 8+ syntax and tests use PHP 7.4. This is now fixed. |
susnux
force-pushed
the
fix/handle-depth
branch
from
8dc4522 to
3e722c3
Compare
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #1495 +/- ##
============================================
+ Coverage 97.23% 97.25% +0.02%
- Complexity 2836 2842 +6
============================================
Files 175 175
Lines 9028 8864 -164
============================================
- Hits 8778 8621 -157
+ Misses 250 243 -7 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Noticed it is still open, is there anything I can help with? |
|
cc @susnux can you rebase, to have a recent ci run? |
Sure, done |
susnux
force-pushed
the
fix/handle-depth
branch
2 times, most recently
from
b580c46 to
1af1212
Compare
|
@kesselb I pushed a commit solving your comments |
|
@phil-davis anything else to do, to get this PR merged? |
| $moveInfo = $this->server->getCopyAndMoveInfo($request); | ||
|
|
||
| // MOVE does only allow "infinity" every other header value is considered invalid | ||
| if (Server::DEPTH_INFINITY !== $moveInfo['depth']) { |
There was a problem hiding this comment.
I'm not sure this is the best place for this check. When dealing with files Depth should be ignored. So, maybe to be on a safe side we should do this check for collections only.
There was a problem hiding this comment.
For MOVE the RFC is not that explicit but for COPY it is and there we have this part of the RFC:
Please note, however, that it is always an error to submit a value for the Depth header that is not allowed by the method's definition. Thus submitting a "Depth: 1" on a COPY, even if the resource does not have internal members, will result in a 400 (Bad Request). The method should fail not because the resource doesn't have internal members, but because of the illegal value in the header.
Thus an invalid value of the header has higher priority than the header itself.
So I think throwing here is safe and indicates that the client needs to be fixed.
|
I just find out about this missing bit. I'd love to see this merged. |
Only `Depth: infinity` is allowed, ref: rfc4918#section-9.9.2 Signed-off-by: Ferdinand Thiessen <[email protected]>
1. According to the RFC[1] servers **must** support `Depth` 'infinity' and 0. 2. And COPY method on a collection without a Depth header MUST act as if a Depth header with value "infinity" was included. [1] rfc4918#section-9.8.3 Signed-off-by: Ferdinand Thiessen <[email protected]>
Signed-off-by: Ferdinand Thiessen <[email protected]>
…of string value Signed-off-by: Ferdinand Thiessen <[email protected]>
susnux
force-pushed
the
fix/handle-depth
branch
from
61a7246 to
25fc0c2
Compare
|
Rebased to fix the typo in the error message - otherwise no changes. |
6 participants
Currently Sabre\DAV does not support the
Depthheader onCOPYandMOVE.But the RFC4918 requires servers to do so, the header is not required but:
MOVEthe header, if available, must be 'infinity' -> We just have to check the header and throw bad request otherwiseCOPYthe header may 'infinity' or a positive integer including 0So especially the
COPYmethod is currently broken, we noticed this when using the WebDAV litmus test bench (version 0.14) which checks for shallow copies (meaning copy a collection with depth 0).This PR fixes all of this points, while trying to keep backwards compatible. Of cause any using application that implements
ICopyTarget::copyIntois still broken and need to adapt to the depth change (it continues to work as before, but the bug fix does not propagate).Reference from the RFC:
COPYDepth'infinity' and '0': rfc4918#section-9.8.3MOVEonlyDepth: infinityis allowed: rfc4918#section-9.9.2