[Cyberduck-trac] [Cyberduck] #10378: Handling of WebDAV GET URL broken

Cyberduck trac at cyberduck.io
Mon Jun 25 11:23:15 UTC 2018 

#10378: Handling of WebDAV GET URL broken
-------------------------+----------------------
 Reporter:  Onnonymous   |         Owner:
     Type:  defect       |        Status:  new
 Priority:  normal       |     Milestone:
Component:  webdav       |       Version:  6.6.2
 Severity:  normal       |    Resolution:
 Keywords:               |  Architecture:
 Platform:  macOS 10.13  |
-------------------------+----------------------
Description changed by Onnonymous:

Old description:

> Hi,
>
> I have a URL like this (with a Macaroon based authentication token):
>
> {{{
> https://dolphin12.grid.surfsara.nl:2880/?authz=token
> }}}
>
> With CURL this works fine, so the token is correct. However, Cyberduck
> does not seem to be able to handle this. It asks for the
> username/password, and after that it asks for a client certificate, but
> whatever I fill in, it doesn't work. I get this error:
>
> > Listing directory ?authz=token failed. Unexpected response (404 Not
> Found). Please contact your web hosting service provider for assistance.
>
> I found this in the server log:
>
> {{{
> https://dolphin12.grid.surfsara.nl:2880/%3Fauthz=token/
> }}}
>
> I see 2 issues here:
>
> 1. The `?` in the GET URL appears to be UUencoded;
> 2. The path, in this case `/`, is appended to the GET URL, which alters
> the token so that authentication fails. Also, the path is not parsed by
> the server this way.
>
> So I would like to request:
>
> 1. That a GET URL is not UUencoded;
> 2. That any path is inserted before the GET variables, instead of
> appended at the end.
>
> Thanks!
> Onno

New description:

 Hi,

 I have a URL like this (with a Macaroon based authentication token):

 {{{
 https://dolphin12.grid.surfsara.nl:2880/?authz=token
 }}}

 With CURL this works fine, so the token is correct. However, Cyberduck
 does not seem to be able to handle this. It asks for the
 username/password, and after that it asks for a client certificate, but
 whatever I fill in, it doesn't work. I get this error:

 > Listing directory ?authz=token failed. Unexpected response (404 Not
 Found). Please contact your web hosting service provider for assistance.

 I found this in the server log:

 {{{
 https://dolphin12.grid.surfsara.nl:2880/%3Fauthz=token/
 }}}

 I see 2 issues here:

 1. The `?` in the GET URL appears to be URLencoded;
 2. The path, in this case `/`, is appended to the GET URL, which alters
 the token so that authentication fails. Also, the path is not parsed by
 the server this way.

 So I would like to request:

 1. That a GET URL is not URLencoded;
 2. That any path is inserted before the GET variables, instead of appended
 at the end.

 Thanks!
 Onno

--

--
Ticket URL: <https://trac.cyberduck.io/ticket/10378#comment:2>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows

More information about the Cyberduck-trac mailing list