PHP Nextcloud - PROPFIND method not allowed error (v2)

max3163 · April 16, 2020, 4:54pm

I’m trying to migrate from V1 to V2 for my NextCloud website too.
I use simple rule like this :

root * /var/www/html
encode gzip
log

redir /.well-known/carddav /remote.php/carddav 301
redir /.well-known/caldav /remote.php/caldav 301
    
header Strict-Transport-Security max-age=31536000;
    
php_fastcgi unix//var/run/php/php7.4-fpm.sock

The website work but the Webdav part not …

ERROR http.log.access handled request {“request”: {“method”: “PROPFIND”, “uri”: “/remote.php/dav/files/XXX/data” … “size”:0, “status”:405,

Any idea why ?

Whitestrake · April 16, 2020, 11:51pm

Hi @max3163,

Your issue wasn’t related to the previous thread regarding rewrite rules, so I’ve moved it to its own topic.

This 405 is an interesting one. As far as I can tell, Caddy v2 itself only ever generates this status for bad API requests, never requests to its HTTP server, which kinda implies that Nextcloud threw this error via PHP.

max3163 · April 17, 2020, 9:00am

The exact request is

fetch(“https://xxx/remote.php/dav/files/xxx/”, {
“headers”: {
“accept”: “/”,
“accept-language”: “fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7”,
“content-type”: “application/xml; charset=UTF-8”,
“depth”: “1”,
“requesttoken”: “132465798”,
“sec-fetch-dest”: “empty”,
“sec-fetch-mode”: “cors”,
“sec-fetch-site”: “same-origin”,
“x-requested-with”: “XMLHttpRequest”
},
“referrerPolicy”: “no-referrer”,
“body”: “<?xml version=\"1.0\"?>\n<d:propfind xmlns:d="DAV:" xmlns:oc="http://owncloud.org/ns\” xmlns:nc="Nextcloud - Open source content collaboration platform" xmlns:ocs="http://open-collaboration-services.org/ns\“>\n <d:prop>\n <d:getlastmodified />\n <d:getetag />\n <d:getcontenttype />\n <d:resourcetype />\n <oc:fileid />\n <oc:permissions />\n <oc:size />\n <d:getcontentlength />\n <nc:has-preview />\n <nc:mount-type />\n <nc:is-encrypted />\n <ocs:share-permissions />\n <oc:tags />\n <oc:favorite />\n <oc:comments-unread />\n <oc:owner-id />\n <oc:owner-display-name />\n <oc:share-types />\n </d:prop>\n</d:propfind>”,
“method”: “PROPFIND”,
“mode”: “cors”,
“credentials”: “include”
})

And the full error

ERROR http.log.access handled request {“request”: {“method”: “PROPFIND”, “uri”: “/remote.php/dav/files/xxx/”, “proto”: “HTTP/2.0”, “remote_addr”: “XX.XX.XX.XX:XXXX”, “host”: “xxxx”, “headers”: {“Content-Length”: [“621”], “Requesttoken”: [“132465”], “X-Requested-With”: [“XMLHttpRequest”], “Sec-Fetch-Mode”: [“cors”], “Content-Type”: [“application/xml; charset=UTF-8”], “User-Agent”: [“Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.92 Safari/537.36”], “Origin”: [“https://xxxx”], “Sec-Fetch-Dest”: [“empty”], “Accept”: [“/”], “Sec-Fetch-Site”: [“same-origin”], “Accept-Encoding”: [“gzip, deflate, br”], “Cookie”: [“__Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; nc_username=xxx; login_cookie=123; login_salt=594; DMZSID=123; oc_sessionPassphrase=132465; octpkzxlr0kf=132; nc_token=123; nc_session_id=132”], “Depth”: [“1”], “Accept-Language”: [“fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7”]}, “tls”: {“resumed”: false, “version”: 772, “ciphersuite”: 4865, “proto”: “h2”, “proto_mutual”: true, “server_name”: “xxx”}}, “common_log”: “192.168.1.11 - - [17/Apr/2020:10:37:40 +0200] "PROPFIND /remote.php/dav/files/xxx/ HTTP/2.0" 405 0”, “latency”: 0.034660517, “size”: 0, “status”: 405, “resp_headers”: {“X-Permitted-Cross-Domain-Policies”: [“none”], “Pragma”: [“no-cache”], “Referrer-Policy”: [“no-referrer”], “Status”: [“405 Method Not Allowed”], “Content-Type”: [“text/html; charset=UTF-8”], “X-Robots-Tag”: [“none”], “X-Frame-Options”: [“SAMEORIGIN”], “Expires”: [“Thu, 19 Nov 1981 08:52:00 GMT”], “X-Content-Type-Options”: [“nosniff”], “X-Download-Options”: [“noopen”], “Content-Security-Policy”: [“default-src ‘self’; script-src ‘self’ ‘nonce-123’; style-src ‘self’ ‘unsafe-inline’; frame-src *; img-src * data: blob:; font-src ‘self’ data:; media-src *; connect-src *; object-src ‘none’; base-uri ‘self’;”], “Strict-Transport-Security”: [“max-age=31536000;”], “Cache-Control”: [“no-store, no-cache, must-revalidate”], “X-Xss-Protection”: [“1; mode=block”], “Server”: [“Caddy”]}}

With the V1 of caddy, it work with response status

server: Caddy

status: 207

status: 207 Multi-Status

No error on nextcloud log.

matt · April 21, 2020, 7:46pm

@max3163 f you add:

{
    debug
}

to the beginning of your Caddyfile, it will enable debug logging which will provide a little more introspection into what the proxy is sending and receiving. Don’t know if that will be helpful but it might help identify a misconfiguration in Nextcloud.

matt · April 21, 2020, 9:56pm

@max3163 Hey if you remove the log directive, does it happen to work?

matt · April 22, 2020, 11:04pm

@max3163 It seems we’ve found a solution in a neighboring thread: Help to migrate Caddyfile V1 to V2 for Nextcloud - #18 by francislavoie

system · May 22, 2020, 11:04pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.