RE: Why not an encapsulation for DAV over standard HTTP 1.0 or 1.1 without required server extension ? from Philippe Verdy on 2001-03-27 (w3c-dist-auth@w3.org from January to March 2001)

From: Philippe Verdy <verdy_p@wanadoo.fr>
Date: Tue, 27 Mar 2001 11:47:20 +0200
To: <w3c-dist-auth@w3.org>
Message-ID: <004d01c0b6a2$eacaf2a0$2101a8c0@hppve>
Your answer is informative, but it still does not solve the problem of seb
servers that only implement the basic methods: GET, HEAD, OPTIONS, and
TRACE.
A simple test on many web servers (despite they are using a recent Apache
version with mod_perl extension, and even with mod_php allowed), will reveal
that most of web servers used by web hosting providers do not allow any DAV
protocol because of these limitation:

To test it, just use the following telnet session to the HTTP port of the
webserver:

>> Request:
telnet www.webhostingprovider.net 80
OPTIONS / HTTP/1.1
Host: www.webhostingprovider.net

>> Answer:
HTTP/1.1 200 OK
Date: Tue, 27 Mar 2001 08:11:50 GMT
Server: Apache/1.3.12 (Unix) Debian/GNU mod_modperl/1.24
Content-Length: 0
Allow: GET, HEAD, OPTIONS, TRACE

This (sample) session clearly indicates that DAV cannot work on that
webserver, because the required methods are not implemented and I really
think that most web hosting providers won't change the current rules of
publishing via FTP only...

Note that to test the presence of a POST method, you have to find a resource
that accepts such posts. Classic default resources for paths only have a
default .html file that does not support POST. But, if the default ressource
pointed by the home directory is a file like index.php3 which could perform
useful actions on POSTS or on other methods, you will see the following
result for the same request:

>> Answer:
HTTP/1.1 200 OK
Date: Tue, 27 Mar 2001 08:11:50 GMT
Server: Apache/1.3.12 (Unix) Debian/GNU mod_modperl/1.24
Content-Length: 0
Allow: GET, HEAD, POST, OPTIONS, TRACE

And thus, there is still no support for other methods, and users are sticked
not to use DAV at all, despite they could use an encapsulation of it using
POST requests (publishing a web page could also be performed using standard
HTML forms which would send the result with the POST method).

I think personally that a light version of DAV without HTTP server extension
is possible now, without modifying the server to enable new HTTP extensions,
and without changing the core of DAV. If the conceptors of DAV do not want
to implement it, users will do it themselves !

Your answer suggests me that I could form a group to implement an
encapsulation of DAV over POST, using a simple encapsulation of XML requests
within a new XML container that specifies the method documented by DAV, such
that the following session example to PUT a resource on the web server,
using a POST-encapsulation:

>> Request from client to the script run at web server:

POST /myaccount/scripts/postDAV.php
Host: www.provider.com
Content-Type: multipart/mixed; boundary="-----=NextPart:postDAV-----"
Content-Length: 0

-----=NextPart:postDAV-----
Content-Part: request
Content-Type: text/xml; encoding=UTF-8
Content-Transfer-Encoding: 8bit
Content-Length: xxx

<xml ns="postdav">
<webdav>
  <auth method="basic" realm="">
    <user>myownlogin</user><!-- encoded in Base64 -->
    <password>XYZdf5ggrv</user><!-- encoded in Base64 -->
  </auth>
  <request method="PUT" resource="/myresource-to-publish.html"
version="HTTP/1.1">
    <tag>123456-8F3C-83FE0012</tag><!-- random number from client -->
    <meta http-equiv="Host" content="www.provider.com" />
    <body id="body" /><!-- indicates the tag of the content-part -->
  </request>
</webdav>
</xml>

-----=NextPart:postDAV-----
Content-Part: body
Content-Type: text/html; encoding=iso8859-1
Content-Transfer-Encoding: 8bit
Content-Length: xxx

<!DOCTYPE HTML ...>
<html>
<head>
   ...
</head>
<body>
   ...
</body>
</html>
-----=NextPart:postDAV-----



>> Answer from the script run at web server:

HTTP/1.1 200 OK <!-- should always be OK -->
Date: Tue, 27 Mar 2001 08:11:50 GMT
Server: Apache/1.3.12 (Unix) Debian/GNU mod_modperl/1.24
Content-Length: 0
ETag: "9DB189-FC02-38A40031"
Content-Type: multipart/mixed ; boundary="-----=NextPart:postDAV-----"
Content-Length: 0

-----=NextPart:postDAV-----
Content-Part: answer
Content-Type: text/xml; encoding=UTF-8
Content-Transfer-Encoding: 8bit
Content-Length: xxx

<xml ns="postdav">
<webdav>
  <answer version="HTTP/1.1" status="200" title="OK"><!-- effective DAV
status -->
    <tag>123456-8F3C-83FE0012</tag><!-- random number from client -->
    <body part="body"/><!-- optional: only if DAV specifies a body for the
answer -->
  </answer>
</webdav>
</xml>
-----=NextPart:postDAV-----
Content-Part: body
Content-Type: text/html; encoding=iso8859-1
Content-Transfer-Encoding: 8bit
Content-Length: xxx

<!DOCTYPE HTML ...>
<HTML>
<HEAD>
  <TITLE>WebDAV Answer - HTTP/1.1 200 OK</TITLE>
</HEAD>
<BODY>
  <H1>WebDAV Answer</H1>
  <H2>Your request:</H2>
  <BLOCKQUOTE>
    <P>PUT /myresource-to-publish.html HTTP/1.1</P>
    <P>Tag: 123456-8F3C-83FE0012</P>
  </BLOCKQUOTE>
  <H2>Has returned with the following status:</H2>
  <BLOCKQUOTE>
    <P><B>HTTP/1.1 200 OK</B></P>
    <P> </P>
    <P>The resource has been accepted and is now online.</P>
  </BLOCKQUOTE>
</BODY>
</HTML>
-----=NextPart:postDAV-----
Received on Tuesday, 27 March 2001 04:50:26 UTC