server
server copied to clipboard
nextcloud
Public dav endpoint v2
Fix #19700
Implements a new v2 endpoint which also allows GET
$ curl -k https://dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid -X PROPFIND
$ curl -k https://dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid/video.mp4 -X PROPFIND
Access a file directly
$ curl -k https://dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid/video.mp4 -X GET
If password-protected
$ curl -k -u 'anonymous:password' https://dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid
- [x] GET access to direct files
- [x] Bruteforce protected
- [x] Once authenticated (with share password), no need to send basic auth again
@nextcloud/server-backend any thoughts?
@skjnldsv what happens if you still send basic auth for "https://dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid" ? will it then try to look for a folder "Y9Hc4SPqg564gid" inside the share ? just to double check that there is no conflict/confusion happening between both approaches
@skjnldsv what happens if you still send basic auth for "dev.domain.com/public.php/dav/files/Y9Hc4SPqg564gid" ? will it then try to look for a folder "Y9Hc4SPqg564gid" inside the share ? just to double check that there is no conflict/confusion happening between both approaches
It will ignore the username. Basic auth is only used to authenticate on protected shares now
Finally all green! Ok everyone, this is ready for revew! This will be a great enhancement for 29! Also includes proper phpunit testing! :rocket: