[Akonadi] [Bug 318641] Cal-/CardDAV Resource one-way sync only

Tim Drub tim.drub at hacky.eu
Tue Apr 23 11:24:40 BST 2013 

https://bugs.kde.org/show_bug.cgi?id=318641

--- Comment #2 from Tim Drub <tim.drub at hacky.eu> ---
Hi Grégory,

looking at the SabreDAV documentation they recommend using Web Debugging
Proxies. Since i couldn't get ZAP to run (I think it didn't like the
authentication) I ran Fiddler inside a Windows Virtual machine and had traffic
go through it. Here is the result.

This is the request sent from the client:

--- Request BEGIN ---
REPORT https://hostname/addressbooks/timdrub/default/ HTTP/1.1
Host: hostname
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.34 (KHTML, like
Gecko) akonadi_davgroupware_resource_34/4.10.2 Safari/534.34
Pragma: no-cache
Cache-control: no-cache
Accept: text/html, text/*;q=0.9, image/jpeg;q=0.9, image/png;q=0.9,
image/*;q=0.9, */*;q=0.8
Accept-Encoding: gzip, deflate, x-gzip, x-deflate
Accept-Charset: utf-8,*;q=0.5
Accept-Language: en-US,de;q=0.9,en;q=0.8
Content-Type: text/xml
Depth: 1
Content-Length: 448

<?xml version="1.0" encoding="utf-8"?>
<addressbook-multiget xmlns="urn:ietf:params:xml:ns:carddav">
 <prop xmlns="DAV:">
  <getetag xmlns="DAV:"/>
  <address-data xmlns="urn:ietf:params:xml:ns:carddav">
   <allprop xmlns="DAV:"/>
  </address-data>
 </prop>
 <href xmlns="DAV:">/addressbooks/timdrub/default/asgoYb9ORR.vcf</href>
 <href
xmlns="DAV:">/addressbooks/timdrub/default/B353282B-01FF-4F5C-9B8F-9D35DD65FF47.vcf</href>
</addressbook-multiget>
--- Request END ---

And this is the server response

--- Response BEGIN ---
HTTP/1.1 501 Not Implemented
WWW-Authenticate: Basic realm="CalDAV and CardDAV Repository"
Content-Type: text/html
Content-Length: 357
Date: Tue, 23 Apr 2013 09:46:26 GMT
Server: lighttpd/1.4.28

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>501 - Not Implemented</title>
 </head>
 <body>
  <h1>501 - Not Implemented</h1>
 </body>
</html>
--- Response END ---

And this is how it looks like from an iOS client:

-- Request BEGIN ---
REPORT https://hostname/addressbooks/timdrub/default/ HTTP/1.1
Host: hostname
Authorization: Basic Y2hiY2a6MDIxJG2rSUu=
Accept-Encoding: gzip, deflate
Content-Type: text/xml
Accept-Language: de-de
Content-Length: 388
Accept: */*
Connection: keep-alive
Proxy-Connection: keep-alive
User-Agent: iOS/6.1.3 (10B329) dataaccessd/1.0

<?xml version="1.0" encoding="UTF-8"?>
<B:addressbook-multiget xmlns:B="urn:ietf:params:xml:ns:carddav">
  <A:prop xmlns:A="DAV:">
    <A:getetag/>
    <B:address-data/>
  </A:prop>
  <A:href xmlns:A="DAV:">/addressbooks/chack/default/asgoYb9ORR.vcf</A:href>
  <A:href
xmlns:A="DAV:">/addressbooks/chack/default/B353282B-01FF-4F5C-9B8F-9D35DD65FF47.vcf</A:href>
</B:addressbook-multiget>
--- Request END ---

And the server response again:

--- Response BEGIN---
HTTP/1.1 207 Multi-status
X-Powered-By: PHP/5.3.3-7+squeeze15
Content-Type: application/xml; charset=utf-8
Vary: Brief,Prefer
Transfer-Encoding: chunked
Date: Tue, 23 Apr 2013 10:11:38 GMT
Server: lighttpd/1.4.28

516
<?xml version="1.0" encoding="utf-8"?>
<d:multistatus xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns"
xmlns:cal="urn:ietf:params:xml:ns:caldav"
xmlns:cs="http://calendarserver.org/ns/"
xmlns:card="urn:ietf:params:xml:ns:carddav"><d:response><d:href>/addressbooks/chack/default/asgoYb9ORR.vcf</d:href><d:propstat><d:prop><card:address-data>BEGIN:VCARD
VERSION:3.0
PRODID:-//Apple Inc.//iOS 6.1.3//EN
N:West;Test;the;;
FN:Test the West
TEL;type=CELL;type=VOICE;type=pref:65432
REV:2013-04-19T19:20:59Z
UID:asgoYb9ORR
END:VCARD
</card:address-data><d:getetag>"cd0aaa582c9ce9448707d4097a6f80a4"</d:getetag></d:prop><d:status>HTTP/1.1
200
OK</d:status></d:propstat></d:response><d:response><d:href>/addressbooks/chack/default/B353282B-01FF-4F5C-9B8F-9D35DD65FF47.vcf</d:href><d:propstat><d:prop><card:address-data>BEGIN:VCARD
VERSION:3.0
PRODID:-//Apple Inc.//iOS 6.1.3//EN
N:man;you are thr;;;
FN:you are thr man
EMAIL;type=INTERNET;type=HOME;type=pref:nshiahabja at iisiso.com
REV:2013-04-19T19:22:28Z
UID:A05A7F5C-0DFB-4251-BD23-E9A8BE4FA3E0
END:VCARD
</card:address-data><d:getetag>"68877951f071e8bb244a41e33192b6a0"</d:getetag></d:prop><d:status>HTTP/1.1
200 OK</d:status></d:propstat></d:response></d:multistatus>

0

--- Response END ---


This looks pretty similar to me, only that the tags in the iOS Request are
prefixed with A,B, etc. Dunno? What do you think?

Regards
Tim













ZAP - https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Fiddler - http://fiddler2.com/

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the Kdepim-bugs mailing list