PROPFIND on remote.php/webdav when check_for_working_webdav is disabled #9835
Description
On our Nextcloud server, we only allow users to use the web interface to exchange files. We don't want them to use it as a backup method for their files (we have other ways). So we cut WebDav to be sure they won't use a Nextcloud client to sync their data.
But we have a warning in the admin page that WebDav seems to be broken, even if we specify in the config that we don't want Nextcloud to check this functionality.
Steps to reproduce
- Install a brand new Nextcloud 13 server
- Put in config.php:
'check_for_working_webdav' => false,' - In Apache, put this somewhere to only allow POST and GET http commands:
<Directory />
<LimitExcept POST GET>
Deny from all
</LimitExcept>
</Directory>
- Reload Apache
- Connect as an admin, 'Settings', 'Basic settings'
Expected behaviour
We should see: "All checks passed."
Actual behaviour
We see: "Your web server is not yet set up properly to allow file synchronization because the WebDAV interface seems to be broken". On Apache logs we see a PROPFIND request:
"PROPFIND /drive/remote.php/webdav HTTP/2.0" 207 -/- (-%)
Server configuration
Operating system:
Debian 9.4 stable amd64
Web server:
apache 2.4.25-3+deb9u4
Database:
mariadb-server 10.1.26-0+deb9u1
PHP version:
php 7.0.27-0+deb9u1
Nextcloud version: (see Nextcloud admin page)
13.0.3
Updated from an older Nextcloud/ownCloud or fresh install:
fresh install
Where did you install Nextcloud from:
https://nextcloud.com/install/#instructions-server
Login as admin user into your Nextcloud and access
http://example.com/index.php/settings/integrity/failed
No errors have been found.
List of activated apps:
occ app:list
Enabled:
- activity: 2.6.1
- dav: 1.4.7
- federatedfilesharing: 1.3.1
- files: 1.8.0
- files_sharing: 1.5.0
- files_texteditor: 2.5.1
- files_trashbin: 1.3.0
- files_videoplayer: 1.2.0
- gallery: 18.0.0
- logreader: 2.0.0
- lookup_server_connector: 1.1.0
- notifications: 2.1.2
- oauth2: 1.1.1
- password_policy: 1.3.0
- provisioning_api: 1.3.0
- serverinfo: 1.3.0
- systemtags: 1.3.0
- theming: 1.4.5
- twofactor_backupcodes: 1.2.3
- updatenotification: 1.3.0
- workflowengine: 1.3.0
Disabled:
- admin_audit
- comments
- encryption
- federation
- files_external
- files_pdfviewer
- files_versions
- firstrunwizard
- nextcloud_announcements
- sharebymail
- survey_client
- user_external
- user_ldap
Nextcloud configuration:
Config report
{
"system": {
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": [
"localhost",
"***REMOVED SENSITIVE VALUE***"
],
"force_language": "en",
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"overwrite.cli.url": "https:\/\/<my-server>.fr",
"dbtype": "mysql",
"version": "13.0.3.2",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"overwriteprotocol": "https",
"overwritewebroot": "\/drive",
"htaccess.RewriteBase": "\/drive",
"openssl": {
"config": "\/etc\/ssl\/openssl.cnf"
},
"skeletondirectory": "***REMOVED SENSITIVE VALUE***\/drive\/skeleton",
"tempdirectory": "***REMOVED SENSITIVE VALUE***\/data\/php_upload",
"directory": ***REMOVED SENSITIVE VALUE***"\/data\/drive\/data",
"knowledgebaseenabled": false,
"defaultapp": "files",
"enable_avatars": false,
"trashbin_retention_obligation": "auto, 2",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_smtpmode": "smtp",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "25",
"log_type": "syslog",
"logfile": "",
"loglevel": "2",
"syslog_tag": "Nextcloud",
"logdateformat": "F d, Y H:i:s",
"logtimezone": "Europe\/Paris",
"proxy": "",
"proxyuserpwd": "***REMOVED SENSITIVE VALUE***",
"check_for_working_webdav": "false",
"check_for_working_wellknown_setup": false,
"auth.bruteforce.protection.enabled": true,
"updatechecker": true,
"updater.release.channel": "stable",
"appstoreenabled": true,
"appcodechecker": true,
"apps_paths": [
{
"path": "***REMOVED SENSITIVE VALUE***\/nextcloud\/apps",
"url": "\/apps",
"writable": true
}
],
"memcache.local": "\\OC\\Memcache\\APCu",
"instanceid": "***REMOVED SENSITIVE VALUE***",
"maintenance": false,
"updater.secret": "***REMOVED SENSITIVE VALUE***"
}
}
Are you using external storage, if yes which one: local/smb/sftp/...
No
Are you using encryption: yes/no
No
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
No
Client configuration
Browser:
Tested with Firefox + IE 11
Operating system:
Windows 10 build 1803
Logs
Web server error log
Web server error log
Insert your webserver log here
Nextcloud log (data/nextcloud.log)
Nextcloud log
No particular Nextcloud log. Only Apache access on my syslog
Browser log
Browser log
- No JavaScript error
- On network panel, we see the PROPFIND request to drive/remote.php, which fails with 403 error code (as I blocked it in Apache)