diff --git a/internal/http/services/owncloud/ocdav/dav.go b/internal/http/services/owncloud/ocdav/dav.go index bb76c8ea259..84f757ddcb4 100644 --- a/internal/http/services/owncloud/ocdav/dav.go +++ b/internal/http/services/owncloud/ocdav/dav.go @@ -110,7 +110,7 @@ func (h *DavHandler) Handler(s *svc) http.Handler { r.URL.Path = path.Join(r.URL.Path, contextUser.Username) } - if r.Header.Get("Depth") == "" { + if r.Header.Get(net.HeaderDepth) == "" { w.WriteHeader(http.StatusMethodNotAllowed) b, err := errors.Marshal(http.StatusMethodNotAllowed, "Listing members of this collection is disabled", "") if err != nil { diff --git a/internal/http/services/owncloud/ocdav/delete.go b/internal/http/services/owncloud/ocdav/delete.go index 67e91274b53..4df9b67bb67 100644 --- a/internal/http/services/owncloud/ocdav/delete.go +++ b/internal/http/services/owncloud/ocdav/delete.go @@ -27,6 +27,7 @@ import ( rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/errors" + "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/net" "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/spacelookup" "github.com/cs3org/reva/pkg/appctx" "github.com/cs3org/reva/pkg/rgrpc/status" @@ -66,13 +67,13 @@ func (s *svc) handleDelete(ctx context.Context, w http.ResponseWriter, r *http.R req := &provider.DeleteRequest{Ref: ref} - // FIXME the lock token is part of the application level protocol, it should be part of the DeleteRequest message not the outgoing context - ih, ok := parseIfHeader(r.Header.Get("If")) + // FIXME the lock token is part of the application level protocol, it should be part of the DeleteRequest message not the opaque + ih, ok := parseIfHeader(r.Header.Get(net.HeaderIf)) if ok { if len(ih.lists) == 1 && len(ih.lists[0].conditions) == 1 { req.Opaque = utils.AppendPlainToOpaque(req.Opaque, "lockid", ih.lists[0].conditions[0].Token) } - } else if r.Header.Get("If") != "" { + } else if r.Header.Get(net.HeaderIf) != "" { w.WriteHeader(http.StatusBadRequest) b, err := errors.Marshal(http.StatusBadRequest, "invalid if header", "") errors.HandleWebdavError(&log, w, b, err) diff --git a/internal/http/services/owncloud/ocdav/locks.go b/internal/http/services/owncloud/ocdav/locks.go index 7a7965c2986..daee6d8dba1 100644 --- a/internal/http/services/owncloud/ocdav/locks.go +++ b/internal/http/services/owncloud/ocdav/locks.go @@ -35,6 +35,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/errors" + "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/net" "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/props" "github.com/cs3org/reva/internal/http/services/owncloud/ocdav/spacelookup" "github.com/cs3org/reva/pkg/appctx" @@ -421,7 +422,7 @@ func (s *svc) handleSpacesLock(w http.ResponseWriter, r *http.Request, spaceID s func (s *svc) lockReference(ctx context.Context, w http.ResponseWriter, r *http.Request, ref *provider.Reference) (retStatus int, retErr error) { sublog := appctx.GetLogger(ctx).With().Interface("ref", ref).Logger() - duration, err := parseTimeout(r.Header.Get("Timeout")) + duration, err := parseTimeout(r.Header.Get(net.HeaderTimeout)) if err != nil { return http.StatusBadRequest, errors.ErrInvalidTimeout } @@ -435,7 +436,7 @@ func (s *svc) lockReference(ctx context.Context, w http.ResponseWriter, r *http. token, ld, now, created := "", LockDetails{UserID: u.Id, Root: ref, Duration: duration}, time.Now(), false if li == (lockInfo{}) { // An empty lockInfo means to refresh the lock. - ih, ok := parseIfHeader(r.Header.Get("If")) + ih, ok := parseIfHeader(r.Header.Get(net.HeaderIf)) if !ok { return http.StatusBadRequest, errors.ErrInvalidIfHeader } @@ -457,7 +458,7 @@ func (s *svc) lockReference(ctx context.Context, w http.ResponseWriter, r *http. // Section 9.10.3 says that "If no Depth header is submitted on a LOCK request, // then the request MUST act as if a "Depth:infinity" had been submitted." depth := infiniteDepth - if hdr := r.Header.Get("Depth"); hdr != "" { + if hdr := r.Header.Get(net.HeaderDepth); hdr != "" { depth = parseDepth(hdr) if depth != 0 && depth != infiniteDepth { // Section 9.10.3 says that "Values other than 0 or infinity must not be @@ -587,7 +588,7 @@ func (s *svc) handleUnlock(w http.ResponseWriter, r *http.Request, ns string) (s // http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the // Lock-Token value should be a Coded-URL OR a token. We strip its angle brackets. - t := r.Header.Get("Lock-Token") + t := r.Header.Get(net.HeaderLockToken) if len(t) > 2 && t[0] == '<' && t[len(t)-1] == '>' { t = t[1 : len(t)-1] } diff --git a/internal/http/services/owncloud/ocdav/net/headers.go b/internal/http/services/owncloud/ocdav/net/headers.go index 657ad770202..8e5798ff92c 100644 --- a/internal/http/services/owncloud/ocdav/net/headers.go +++ b/internal/http/services/owncloud/ocdav/net/headers.go @@ -34,25 +34,33 @@ const ( HeaderIfMatch = "If-Match" ) +// webdav headers +const ( + HeaderDav = "DAV" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.1 + HeaderDepth = "Depth" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.2 + HeaderDestination = "Destination" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.3 + HeaderIf = "If" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.4 + HeaderLockToken = "Lock-Token" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.5 + HeaderOverwrite = "Overwrite" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.6 + HeaderTimeout = "Timeout" // https://datatracker.ietf.org/doc/html/rfc4918#section-10.7 +) + // Non standard HTTP headers. const ( HeaderOCFileID = "OC-FileId" HeaderOCETag = "OC-ETag" HeaderOCChecksum = "OC-Checksum" HeaderOCPermissions = "OC-Perm" - HeaderDepth = "Depth" - HeaderDav = "DAV" HeaderTusResumable = "Tus-Resumable" HeaderTusVersion = "Tus-Version" HeaderTusExtension = "Tus-Extension" HeaderTusChecksumAlgorithm = "Tus-Checksum-Algorithm" HeaderTusUploadExpires = "Upload-Expires" - HeaderDestination = "Destination" - HeaderOverwrite = "Overwrite" HeaderUploadChecksum = "Upload-Checksum" HeaderUploadLength = "Upload-Length" HeaderUploadMetadata = "Upload-Metadata" HeaderUploadOffset = "Upload-Offset" HeaderOCMtime = "X-OC-Mtime" HeaderExpectedEntityLength = "X-Expected-Entity-Length" + HeaderLitmus = "X-Litmus" ) diff --git a/internal/http/services/owncloud/ocdav/ocdav.go b/internal/http/services/owncloud/ocdav/ocdav.go index 352024e48a3..fd1303e1a11 100644 --- a/internal/http/services/owncloud/ocdav/ocdav.go +++ b/internal/http/services/owncloud/ocdav/ocdav.go @@ -197,7 +197,7 @@ func (s *svc) Handler() http.Handler { // TODO(jfd): do we need this? // fake litmus testing for empty namespace: see https://github.com/golang/net/blob/e514e69ffb8bc3c76a71ae40de0118d794855992/webdav/litmus_test_server.go#L58-L89 - if r.Header.Get("X-Litmus") == "props: 3 (propfind_invalid2)" { + if r.Header.Get(net.HeaderLitmus) == "props: 3 (propfind_invalid2)" { http.Error(w, "400 Bad Request", http.StatusBadRequest) return } diff --git a/internal/http/services/owncloud/ocdav/tus.go b/internal/http/services/owncloud/ocdav/tus.go index 7d48af06d02..104429b926a 100644 --- a/internal/http/services/owncloud/ocdav/tus.go +++ b/internal/http/services/owncloud/ocdav/tus.go @@ -121,7 +121,7 @@ func (s *svc) handleTusPost(ctx context.Context, w http.ResponseWriter, r *http. w.WriteHeader(http.StatusPreconditionFailed) return } - // r.Header.Get("OC-Checksum") + // r.Header.Get(net.HeaderOCChecksum) // TODO must be SHA1, ADLER32 or MD5 ... in capital letters???? // curl -X PUT https://demo.owncloud.com/remote.php/webdav/testcs.bin -u demo:demo -d '123' -v -H 'OC-Checksum: SHA1:40bd001563085fc35165329ea1ff5c5ecbdbbeef'