WebDAV does not work with the web app

[hampoelz]

Hello, I can not connect to WebDAV on the web app.

Error: network error

[yp6128]

Same error here :(

[sunjam]

Same error here as well.

[jhass]

Somebody with this error has to dive in and debug this, unfortunately with this complete lack of any information you folk are out of luck, sorry.

[sunjam]

Makes sense. What kind of error logs would you find the most helpful?

[jhass]

Any really. Browser console, nextcloud, webserver, anything that looks related.

[kangaroo72]

I'm typing in, 'cause I also have that network error :-(

[kangaroo72]

I would like to help - but I don't know what to provide. I'm not experienced in that coding ... :-(

[variamus]

Hello, I'm getting the same error: Refused to connect to 'https://mydomain.name:5005/keepassfile.kdbx' because it violates the following Content Security Policy directive: "connect-src 'self' https://plugins.keeweb.info"

Also, I've enabled CORS settings in Apache as provided:

<VirtualHost :5005> DocumentRoot /var/www/html/webdav ServerName mydomain.name RewriteEngine On RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.)$ blank.html [R=200,L,E=HTTP_ORIGIN:%{HTTP:ORIGIN}] [...] <Directory /var/www/html/webdav> [...] DAV On Options Indexes Header always set Access-Control-Allow-Origin "*" Header always set Access-Control-Allow-Headers "origin, content-type, cache-control, accept, authorization, if-match, destination, overwrite" Header always set Access-Control-Expose-Headers "ETag" Header always set Access-Control-Allow-Methods "GET, HEAD, POST, PUT, OPTIONS, MOVE, DELETE, COPY, LOCK, UNLOCK" Header always set Access-Control-Allow-Credentials "true" Header always set Content-Security-Policy "connect-src 'self' https://plugins.keeweb.info" [...]

[fabthegreat]

Same...

[antler5]

I've been getting this error message while running Nextcloud behind my Caddy2 Reverse Proxy, much like the folks over in Issue #40 running behind HAProxy. At first, much like them, I thought the issue was with the HTTP request that should have been HTTPS, backed by the finding that if I take my request URL (with the request token included) and try to use that as a webdav address, it wouldn't work, but manually adding the 's' to HTTPS did work. Explicitly rewriting the HTTP request to HTTPS in my Caddy config didn't help. Now, I've been fiddling around with running vanilla Keeweb behind my proxy all evening, and I'm sure it's a headers issue. Perhaps upgrading to an HTTPS request in response to the "X-Forwarded-Proto: https" header (as suggested ikke-t) would work, but I also wouldn't be surprised if it was an issue with Content Security Policy (connect-src) or one of the headers needed to run Keeweb itself. I'll include my working Caddy 2 Keeweb config here in case it helps anyone, but I still haven't gotten nextcloud-keeweb's webdav option to work.

header {
                # Note that I'm running this behind basicauth, 
                # and that the OPTIONS method must be available without auth,
                # logic for neither of which are included here.
                Access-Control-Allow-Credentials true
                Access-Control-Allow-Origin *
                Access-Control-Allow-Methods GET,HEAD,POST,PUT,OPTIONS,MOVE,DELETE,COPY,LOCK,UNLOCK,PROPFIND,MKCOL
                Access-Control-Allow-Headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Accept-Charset,X-Accept,origin,accept,if-match,destination,overwrite
        }

Edit: Are Headers a nextcloud-keeweb issue? I've been making the most progress in my proxy config, and would love to hear if anyone else has encountered this error, what setup they're using, and what errors appear in the browser Dev console.