arut
PROPFIND, OPTIONS are ignoring "add_header" "Access-Control-Allow-Origin" *;
Hello,
WebDAV ignores custom headers added by add_header directive.
I did a small test to hint what is going on. Please see the config below and note the return directive for request of type OPTIONS. Response to OPTIONS contains CORS headers but PROPFIND does not. It is because the DAV extension or this extension keeps processing. Is it a bug here or in Nginx's own DAV extension? Thanks a lot.
server {
# IP, Certificates, fullpath, autoindex ...
dav_methods PUT DELETE MKCOL COPY MOVE;
dav_ext_methods PROPFIND OPTIONS;
dav_access user:rw group:rw all:rw;
location / {
root /srv/http/content;
# Preflighted requests
if ($request_method = OPTIONS) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept, DNT, X-CustomHeader, Keep-Alive,User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Range, Range, Depth";
return 200;
}
if ($request_method = (GET|POST|HEAD|DELETE|PROPFIND)) {
add_header "Access-Control-Allow-Origin" *;
add_header "Access-Control-Allow-Methods" "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK, PROPFIND";
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
}
}
}
I had the same problem trying to launch DAViCal & CardDavMATE on different servers. I hope there is solution other that hosting client & server (DAViCal) at one place
Maybe your HTTP response code is not in {200, 201, 204, 206, 301, 302, 303, 304, 307, 308}.
Did you try adding the always keyword to the add_header statement?
https://stackoverflow.com/a/57932938/5894777
I use add_header without always: http://netlab.dhis.org/wiki/ru:software:nginx:webdav
is works ok, or at least was work few years ago, but clients works fine even now.
