0001602: DAV should return "403 Forbidden" on PROPFIND with "Depth: Infinity" header - SOGo

ID	Project	Category	View Status	Date Submitted	Last Update

0001602	SOGo	Backend General	public	2012-01-24 16:09	2012-01-24 16:09

Reporter	Marcel	Assigned To
Priority	normal	Severity	minor	Reproducibility	always
Status	new	Resolution	open
Product Version	1.3.11

Summary	0001602: DAV should return "403 Forbidden" on PROPFIND with "Depth: Infinity" header
Description	Right now, the DAV backend does not handle Depth: Infinity at all. This confuses some DAV clients (I noticed it with WebDAV-Sync but the problem is more generic, see https://sourceforge.net/tracker/index.php?func=detail&aid=3478695&group_id=207743&atid=1002903). It would be best to either handle Depth: Infinity by traversing into all the collections, but it might be much easier for SOGo to just return "403 Forbidden" on DAV PROPFINDs with Depth: Infinity.
Additional Information	Section 9.1.1 of RFC 4918 says: 403 Forbidden - A server MAY reject PROPFIND requests on collections with depth header of "Infinity", in which case it SHOULD use this error with the precondition code 'propfind-finite-depth' inside the error body. Either handling Depth: Infinity or refusing it with 403 would relieve clients from unnecessarily traversing into many possibly empty collections on servers which fully handle Depth: Infinity.
Tags	No tags attached.

Date Modified	Username	Field	Change
2012-01-24 16:09	Marcel	New Issue