1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
|
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
<modulesynopsis>
<name>mod_dav</name>
<description>Distributed Authoring and Versioning
(<a href="http://www.webdav.org/">WebDAV</a>) functionality</description>
<status>Extension</status>
<sourcefile>mod_dav.c</sourcefile>
<identifier>dav_module</identifier>
<summary>
<p>This module provides class 1 and class 2 <a
href="http://www.webdav.org">WebDAV</a> ('Web-based Distributed
Authoring and Versioning') functionality for Apache. This
extension to the HTTP protocol allows creating, moving,
copying, and deleting resources and collections on a remote web
server.</p>
</summary>
<seealso><directive module="mod_dav_fs">DavLockDB</directive></seealso>
<seealso><directive module="core">LimitXMLRequestBody</directive></seealso>
<seealso><a href="http://www.webdav.org">WebDAV Resources</a></seealso>
<section id="example"><title>Enabling WebDAV</title>
<p>To enable <module>mod_dav</module>, add the following to a
container in your <code>httpd.conf</code> file:</p>
<example>Dav On</example>
<p>This enables the DAV file system provider, which is implemented by
the <module>mod_dav_fs</module> module. Therefore that module has to
be compiled into the server or has to be loaded at runtime using the
<directive module="mod_so">LoadModule</directive> directive.</p>
<p>In order to make it work you have to specify a web-server writable
filename for the DAV lock database by adding the following to the
global section in your <code>httpd.conf</code> file:</p>
<example>
DavLockDB /tmp/DavLock
</example>
<p>You may wish to add a <directive module="core" type="section"
>Limit</directive> clause inside the <directive module="core"
type="section">Location</directive> directive to limit access to
DAV-enabled locations. If you want to set the maximum amount of
bytes that a DAV client can send at one request, you have to use
the <directive module="core">LimitXMLRequestBody</directive>
directive. The "normal" <directive module="core"
>LimitRequestBody</directive> directive has no effect on DAV
requests.</p>
<example><title>Full Example</title>
DavLockDB /tmp/DavLock<br />
<br />
<Location /foo><br />
<indent>
Dav On<br />
<br />
AuthType Basic<br />
AuthName DAV<br />
AuthUserFile user.passwd<br />
<br />
<LimitExcept GET HEAD OPTIONS><br />
<indent>
require user admin<br />
</indent>
</LimitExcept><br />
</indent>
</Location><br />
</example>
<note type="warning"><title>Security</title>
<p>The use of HTTP Basic Authentication is not recommended. You
should use at least HTTP Digest Authentication, which is provided by
the <module>mod_auth_digest</module> module. Nearly all WebDAV clients
support this authentication method. Of course, Basic Authentication
over an <a href="../ssl/">SSL</a> enabled connection is secure,
too.</p>
</note>
</section>
<directivesynopsis>
<name>Dav</name>
<description>Enable WebDAV HTTP methods</description>
<syntax>Dav On|Off|<var>provider-name</var></syntax>
<default>Dav Off</default>
<contextlist><context>directory</context></contextlist>
<usage>
<p>Use the <directive>Dav</directive> directive to enable the
WebDAV HTTP methods for the given container:</p>
<example>
<Location /foo><br />
<indent>
Dav On<br />
</indent>
</Location>
</example>
<p>The value <code>On</code> is actually an alias for the default
provider <code>filesystem</code> which is served by the <module
>mod_dav_fs</module> module. Note, that once you have DAV enabled
for some location, it <em>cannot</em> be disabled for sublocations.
For a complete configuration example have a look at the <a
href="#example">section above</a>.</p>
<note type="warning">
Do not enable WebDAV until you have secured your server. Otherwise
everyone will be able to distribute files on your system.
</note>
</usage>
</directivesynopsis>
<directivesynopsis>
<name>DavMinTimeout</name>
<description>Minimum amount of time the server holds a lock on
a DAV resource</description>
<syntax>DavMinTimeout <var>seconds</var></syntax>
<default>DavMinTimeout 0</default>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context></contextlist>
<usage>
<p>When a client requests a DAV resource lock, it can also
specify a time when the lock will be automatically removed by
the server. This value is only a request, and the server can
ignore it or inform the client of an arbitrary value.</p>
<p>Use the <directive>DavMinTimeout</directive> directive to specify, in
seconds, the minimum lock timeout to return to a client.
Microsoft Web Folders defaults to a timeout of 120 seconds; the
<directive>DavMinTimeout</directive> can override this to a higher value
(like 600 seconds) to reduce the chance of the client losing
the lock due to network latency.</p>
<example><title>Example</title>
<Location /MSWord><br />
<indent>
DavMinTimeout 600<br />
</indent>
</Location>
</example>
</usage>
</directivesynopsis>
<directivesynopsis>
<name>DavDepthInfinity</name>
<description>Allow PROPFIND, Depth: Infinity requests</description>
<syntax>DavDepthInfinity on|off</syntax>
<default>DavDepthInfinity off</default>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context></contextlist>
<usage>
<p>Use the <directive>DavDepthInfinity</directive> directive to
allow the processing of <code>PROPFIND</code> requests containing the
header 'Depth: Infinity'. Because this type of request could constitute
a denial-of-service attack, by default it is not allowed.</p>
</usage>
</directivesynopsis>
</modulesynopsis>
|
