Reputation: 21346
Apache mod_dav 400 Bad Request for non-existent collection resource
Apache seems to be sending back a 400 Bad Request for a simple non-existing collection resource.
I have a resource /test/junit/test.bin. I want to check if the collection /test/junit/test.bin/ exists (i.e. a collection of the same name)---according to RFC 2518, a collection (with a slash) and a non-collection are distinct. When I issue a PROPFIND on /test/junit/test.bin/, Apache responds with a 400 Bad Request.
Now, I understand that many people and implementation have blurred the lines between collections and non-collections---that is, whether a collection has to have an ending slash. But whatever the case, the collection /test/junit/test.bin/ does not exist---issuing a PROPFIND on a collection that does not exist is not a "bad request". Shouldn't Apache simply issue a standard 404 Not Found or 410 Gone? What was "bad" about my request?
PROPFIND /test/junit/test.bin/ HTTP/1.1
depth: 1
content-length: 102
authorization: BASIC XXXXX
host: example.com
<?xml version="1.0" encoding="UTF-8"?>
<D:propfind xmlns:D="DAV:">
<D:allprop />
</D:propfind>
HTTP/1.1 400 Bad Request
Date: Mon, 23 Jan 2012 15:30:37 GMT
Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8k DAV/2 SVN/1.7.2 mod_jk/1.2.28
Content-Length: 226
Connection: close
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
</body></html>
Here's what Apache puts in the logs:
[Mon Jan 23 14:31:09 2012] [error] [client XX.XXX.XX.XXX] Could not fetch resource information. [400, #0]
[Mon Jan 23 14:31:09 2012] [error] [client XX.XXX.XX.XXX] (20)Not a directory: The URL contains extraneous path components. The resource could not be identified. [400, #0]
Yes, I understand that a resource of the same name exists and I'm asking for properties of a collection. So we can say "that's why Apache is doing this". But that doesn't explain anything---it is simply a prediction of what Apache will do. I want to know why Apache thinks it more appropriate to send back a 400 rather than a 404?
Upvotes: 2
Views: 3295
Answers (2)
Reputation: 21
I was getting same error with Apache 2.4 running as a Webdav server on Windows 2012 and resolved it disabling "mod_negotiation.so":
#LoadModule negotiation_module modules/mod_negotiation.so
Upvotes: 2
Reputation: 99533
Here's guessing:
Apache will actually allow sub-paths to be sent along to resources. An example with PHP:
http://example.org/index.php/foobar
Foo bar will be sent as PATH_INFO along to index.php. My guess is that it's the same functionality that now incorrectly sends back the HTTP/1.1 400.
An appropriate response would indeed be 404 Not Found, although because it's just an added slash, I would personally probably just map /test.bin/ to /test.bin.
A redirect to /test.bin would imho also be fine.
Just so you know I'm not just anyone, I spend 90% of my professional time on HTTP and WebDAV, CalDAV, etc.
Upvotes: 0
Related Questions
- Apache web server is always sending this response: 500 internal server error at HTTP POST
- How to use DAV and DirectoryIndex in Apache 2.4?
- How do I make a WebDav call using resttemplate?
- Unable to set up WebDAV with IIS 7
- Apache wrong RewriteRule for WebDAV service
- nginx webdav could not open collection
- WebDav 409 Error
- apache2: configuration of mod_dav, mod_dav_fs
- Getting 400 Bad request from WebDav Server
- C# Web Dav, why would a head request generated a 401?