summaryrefslogtreecommitdiffstats
path: root/docs/manual/mod/mod_dav.xml
blob: a800702718febcc0ec36d2764694543327ed3c1b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
<?xml version="1.0"?>
<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
<modulesynopsis metafile="mod_dav.xml.meta">

<name>mod_dav</name> 
<description>Distributed Authoring and Versioning
(<a href="http://www.webdav.org/">WebDAV</a>) functionality</description>
<status>Extension</status>
<sourcefile>mod_dav.c</sourcefile>
<identifier>dav_module</identifier>

<summary>
    <p>This module provides class 1 and class 2 <a
    href="http://www.webdav.org">WebDAV</a> ('Web-based Distributed
    Authoring and Versioning') functionality for Apache. This
    extension to the HTTP protocol allows creating, moving,
    copying, and deleting resources and collections on a remote web
    server.</p>
</summary>
<seealso><directive module="mod_dav_fs">DavLockDB</directive></seealso>
<seealso><directive module="core">LimitXMLRequestBody</directive></seealso>
<seealso><a href="http://www.webdav.org">WebDAV Resources</a></seealso>

<section id="example"><title>Enabling WebDAV</title>
    <p>To enable <module>mod_dav</module>, add the following to a
    container in your <code>httpd.conf</code> file:</p>

    <example>Dav On</example>

    <p>This enables the DAV file system provider, which is implemented by
    the <module>mod_dav_fs</module> module. Therefore that module has to
    be compiled into the server or has to be loaded at runtime using the
    <directive module="mod_so">LoadModule</directive> directive.</p>
    
    <p>In order to make it work you have to specify a web-server writable
    filename for the DAV lock database by adding the following to the
    global section in your <code>httpd.conf</code> file:</p>

    <example>
      DavLockDB /tmp/DavLock
    </example>

    <p>You may wish to add a <directive module="core" type="section"
    >Limit</directive> clause inside the <directive module="core"
    type="section">Location</directive> directive to limit access to
    DAV-enabled locations. If you want to set the maximum amount of
    bytes that a DAV client can send at one request, you have to use
    the <directive module="core">LimitXMLRequestBody</directive>
    directive. The "normal" <directive module="core"
    >LimitRequestBody</directive> directive has no effect on DAV
    requests.</p>

    <example><title>Full Example</title>
      DavLockDB /tmp/DavLock<br />
      <br />
       &lt;Location /foo&gt;<br />
       <indent>
         Dav On<br />
         <br />
         AuthType Basic<br />
         AuthName DAV<br />
         AuthUserFile user.passwd<br />
         <br />
         &lt;LimitExcept GET HEAD OPTIONS&gt;<br />
         <indent>
           require user admin<br />
         </indent>
         &lt;/LimitExcept&gt;<br />
       </indent>
       &lt;/Location&gt;<br />
    </example>

    <note type="warning"><title>Security</title>
      <p>The use of HTTP Basic Authentication is not recommended. You
      should use at least HTTP Digest Authentication, which is provided by
      the <module>mod_auth_digest</module> module. Nearly all WebDAV clients
      support this authentication method. Of course, Basic Authentication
      over an <a href="../ssl/">SSL</a> enabled connection is secure,
      too.</p>
    </note>
</section>

<directivesynopsis>
<name>Dav</name>
<description>Enable WebDAV HTTP methods</description>
<syntax>Dav On|Off|<var>provider-name</var></syntax>
<default>Dav Off</default>
<contextlist><context>directory</context></contextlist>

<usage>
    <p>Use the <directive>Dav</directive> directive to enable the
    WebDAV HTTP methods for the given container:</p>

    <example>
      &lt;Location /foo&gt;<br />
      <indent>
        Dav On<br />
      </indent>
      &lt;/Location&gt;
    </example>

    <p>The value <code>On</code> is actually an alias for the default
    provider <code>filesystem</code> which is served by the <module
    >mod_dav_fs</module> module. Note, that once you have DAV enabled
    for some location, it <em>cannot</em> be disabled for sublocations.
    For a complete configuration example have a look at the <a
    href="#example">section above</a>.</p>

    <note type="warning">
      Do not enable WebDAV until you have secured your server. Otherwise
      everyone will be able to distribute files on your system.
    </note>
</usage>
</directivesynopsis>

<directivesynopsis>
<name>DavMinTimeout</name>
<description>Minimum amount of time the server holds a lock on
a DAV resource</description>
<syntax>DavMinTimeout <var>seconds</var></syntax>
<default>DavMinTimeout 0</default>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context></contextlist>

<usage>
    <p>When a client requests a DAV resource lock, it can also
    specify a time when the lock will be automatically removed by
    the server. This value is only a request, and the server can
    ignore it or inform the client of an arbitrary value.</p>

    <p>Use the <directive>DavMinTimeout</directive> directive to specify, in
    seconds, the minimum lock timeout to return to a client.
    Microsoft Web Folders defaults to a timeout of 120 seconds; the
    <directive>DavMinTimeout</directive> can override this to a higher value
    (like 600 seconds) to reduce the chance of the client losing
    the lock due to network latency.</p>

    <example><title>Example</title>
      &lt;Location /MSWord&gt;<br />
      <indent>
        DavMinTimeout 600<br />
      </indent>
      &lt;/Location&gt;
    </example>
</usage>     
</directivesynopsis>

<directivesynopsis>
<name>DavDepthInfinity</name>
<description>Allow PROPFIND, Depth: Infinity requests</description>
<syntax>DavDepthInfinity on|off</syntax>
<default>DavDepthInfinity off</default>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context></contextlist>

<usage>
    <p>Use the <directive>DavDepthInfinity</directive> directive to
    allow the processing of <code>PROPFIND</code> requests containing the
    header 'Depth: Infinity'. Because this type of request could constitute
    a denial-of-service attack, by default it is not allowed.</p>
</usage>
</directivesynopsis>

</modulesynopsis>