Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Showstopper] macOS Calendar / Fantastical broken with Nextcloud 15 RC 2 #12774

Closed
georgehrke opened this issue Dec 2, 2018 · 1 comment
Closed

[Showstopper] macOS Calendar / Fantastical broken with Nextcloud 15 RC 2 #12774

georgehrke opened this issue Dec 2, 2018 · 1 comment
Labels
1. to develop Accepted and waiting to be taken care of bug feature: dav high regression
Milestone
Nextcloud 15

Comments

@georgehrke
Copy link
Member

#12556 introduced a bug that broke syncing calendars (and possibly address books?) with macOS calendar and Fantastical. Other clients might be affected as well.

This is the curl command i used for testing:

curl -v -H 'Host: nextcloud.local:80' -H 'Accept: */*' -H 'User-Agent: Fantastical 2 for Mac/2.5.6 Mac OS X/10.14.1 Darwin/18.2.0 (x86_64)' -H 'Accept-Language: en-us' -H 'Authorization: Basic YWRtaW46YWRtaW4=' --data-binary "" -X OPTIONS --compressed 'http://nextcloud.local:80/remote.php/dav/principals/users/admin/'

This is the expected output (prior to ffd7778):

*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to nextcloud.local (127.0.0.1) port 80 (#0)
> OPTIONS /remote.php/dav/principals/users/admin/ HTTP/1.1
> Host: nextcloud.local:80
> Accept-Encoding: deflate, gzip
> Accept: */*
> User-Agent: Fantastical 2 for Mac/2.5.6 Mac OS X/10.14.1 Darwin/18.2.0 (x86_64)
> Accept-Language: en-us
> Authorization: Basic YWRtaW46YWRtaW4=
> Content-Length: 0
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Date: Sun, 02 Dec 2018 12:13:39 GMT
< Server: Apache/2.4.29 (Unix)
< X-Powered-By: PHP/7.2.11
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: default-src 'none';
< Allow: OPTIONS, GET, HEAD, DELETE, PROPFIND, PUT, PROPPATCH, COPY, MOVE, REPORT
< DAV: 1, 3, extended-mkcol, access-control, calendarserver-principal-property-search, calendar-access, calendar-proxy, calendar-auto-schedule, calendar-availability, nc-calendar-webcal-cache, calendarserver-subscribed, oc-resource-sharing, oc-calendar-publishing, calendarserver-sharing, addressbook, nc-calendar-search, nc-enable-birthday-calendar
< MS-Author-Via: DAV
< Accept-Ranges: bytes
< Set-Cookie: oc_sessionPassphrase=yNz9TV%2FJnSJtAUCATDJ3CAa6x4eTB3pjixkW0vJrpjEvB1wKEegak5LtdEeUJ9yTHXsSHkR7dFqqBqOcgnBOkTFm49O8AE6swyl%2Bs4r%2F%2BHNTDpEGf53UmgmU96wCv5Qq; path=/; HttpOnly
< Set-Cookie: nc_sameSiteCookielax=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
< Set-Cookie: nc_sameSiteCookiestrict=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
< Set-Cookie: ockwx55s3hm3=b676cf801e4a7734d4ceb1e02ce29217; path=/; HttpOnly
< Set-Cookie: cookie_test=test; expires=Sun, 02-Dec-2018 13:13:40 GMT; Max-Age=3600
< Content-Length: 0
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: none
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Referrer-Policy: no-referrer
< Content-Type: text/html; charset=UTF-8
<
* Connection #0 to host nextcloud.local left intact

This is the actual output (after ffd7778):

*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to nextcloud.local (127.0.0.1) port 80 (#0)
> OPTIONS /remote.php/dav/principals/users/admin/ HTTP/1.1
> Host: nextcloud.local:80
> Accept-Encoding: deflate, gzip
> Accept: */*
> User-Agent: Fantastical 2 for Mac/2.5.6 Mac OS X/10.14.1 Darwin/18.2.0 (x86_64)
> Accept-Language: en-us
> Authorization: Basic YWRtaW46YWRtaW4=
> Content-Length: 0
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 404 Not Found
< Date: Sun, 02 Dec 2018 12:16:16 GMT
< Server: Apache/2.4.29 (Unix)
< X-Powered-By: PHP/7.2.11
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< X-Frame-Options: SAMEORIGIN
< Content-Security-Policy: default-src 'none';
< Set-Cookie: ockwx55s3hm3=1462fab1e227d81e1ab081bd02fda8c2; path=/; HttpOnly
< Set-Cookie: oc_sessionPassphrase=Edk7d8SKyRovqDKoLAIVyl3vtSyh1uIui%2BE9we0eLb6T1sqmfcXW3m59DDMfr67k89cPzvrWLzq3TU5u6ap2qn56byC8DLIhRn88b4OTB4S5XPoQSqBM9dX%2BTf2sM1xP; path=/; HttpOnly
< Set-Cookie: nc_sameSiteCookielax=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
< Set-Cookie: nc_sameSiteCookiestrict=true; path=/; httponly;expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: none
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Referrer-Policy: no-referrer
< Transfer-Encoding: chunked
< Content-Type: application/xml; charset=utf-8
* HTTP error before end of send, stop sending
<
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
  <s:exception>Sabre\DAV\Exception\NotFound</s:exception>
  <s:message>File with name /principals could not be located</s:message>
</d:error>
* Closing connection 0

AnonymousOptionsPlugin::handleAnonymousOptions never checks if there are authentication headers sent and is loaded on every request.

server/apps/dav/lib/Server.php

Line 105 in ffd7778

$this->server->addPlugin(new AnonymousOptionsPlugin());

This bug affects the following branches: master, stable15, stable14.
Affected releases: Nextcloud 15.0.0 RC 2
14.0.4 is not affected, because the commit was only backported after 14.0.4 was already released.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop Accepted and waiting to be taken care of bug feature: dav high regression
Projects
None yet
Milestone
Nextcloud 15
Development

No branches or pull requests
1 participant
@georgehrke