Fixes Issue 25.

evert · evert · commit bcd7b8ff92a5 · 2010-04-07T17:06:20.000+09:00
diff --git a/ChangeLog b/ChangeLog
@@ -4,6 +4,7 @@
 	* Added: MySQL database dumps. MySQL is now also supported next to SQLite. 
 	* Added: expand-properties REPORT from RFC 3253.
 	* Added: Sabre_DAV_Property_IHref interface for properties exposing urls.
+	* Added: Issue 25: Throwing error on broken Finder behaviour.
 	* Changed: Authentication backend is now aware of current user.
 
 1.2.0alpha1 (2010-03-31)
diff --git a/lib/Sabre/DAV/Server.php b/lib/Sabre/DAV/Server.php
@@ -527,6 +527,50 @@ protected function httpPropPatch() {
      */
     protected function httpPut() {
 
+        $body = $this->httpRequest->getBody();
+
+        // Intercepting the Finder problem
+        if (($expected = $this->httpRequest->getHeader('X-Expected-Entity-Length')) && $expected > 0) {
+           
+            /**
+            Many webservers will not cooperate well with Finder PUT requests, 
+            because it uses 'Chunked' transfer encoding for the request body.
+
+            The symptom of this problem is that Finder sends files to the 
+            server, but they arrive as 0-lenght files in PHP.
+
+            If we don't do anything, the user might think they are uploading
+            files successfully, but they end up empty on the server. Instead,
+            we throw back an error if we detect this.
+
+            The reason Finder uses Chunked, is because it thinks the files
+            might change as it's being uploaded, and therefore the
+            Content-Length can vary.
+
+            Instead it sends the X-Expected-Entity-Length header with the size
+            of the file at the very start of the request. If this header is set,
+            but we don't get a request body we will fail the request to
+            protect the end-user.
+            */
+
+            // Only reading first byte
+            $firstByte = fread($body,1);
+            if (strlen($firstByte)!==1) {
+                throw new Sabre_DAV_Exception_Forbidden('This server is not compatible with OS/X finder. Consider using a different WebDAV client or webserver.');
+            }
+
+            // The body needs to stay intact, so we copy everything to a
+            // temporary stream.
+
+            $newBody = fopen('php://temp','r+');
+            fwrite($newBody,$firstByte);
+            stream_copy_to_stream($body, $newBody);
+            rewind($newBody);
+
+            $body = $newBody;
+
+        }
+
         // First we'll do a check to see if the resource already exists
         try {
 
@@ -544,14 +588,14 @@ protected function httpPut() {
             if (!($node instanceof Sabre_DAV_IFile)) throw new Sabre_DAV_Exception_Conflict('PUT is not allowed on non-files.');
             if (!$this->broadcastEvent('beforeWriteContent',array($this->getRequestUri()))) return false;
 
-            $node->put($this->httpRequest->getBody());
+            $node->put($body);
             $this->httpResponse->setHeader('Content-Length','0');
             $this->httpResponse->sendStatus(200);
 
         } catch (Sabre_DAV_Exception_FileNotFound $e) {
 
             // If we got here, the resource didn't exist yet.
-            $this->createFile($this->getRequestUri(),$this->httpRequest->getBody());
+            $this->createFile($this->getRequestUri(),$body);
             $this->httpResponse->setHeader('Content-Length','0');
             $this->httpResponse->sendStatus(201);
 
diff --git a/tests/Sabre/DAV/ServerFinderBlockTest.php b/tests/Sabre/DAV/ServerFinderBlockTest.php
@@ -0,0 +1,54 @@
+<?php
+
+require_once 'Sabre/HTTP/ResponseMock.php';
+require_once 'Sabre/DAV/AbstractServer.php';
+require_once 'Sabre/DAV/Exception.php';
+
+class Sabre_DAV_ServerFinderBlockTest extends Sabre_DAV_AbstractServer{
+
+    function testPut() {
+
+        $serverVars = array(
+            'REQUEST_URI'    => '/testput.txt',
+            'REQUEST_METHOD' => 'PUT',
+            'HTTP_X_EXPECTED_ENTITY_LENGTH' => '20',
+        );
+
+        $request = new Sabre_HTTP_Request($serverVars);
+        $request->setBody('Testing finder');
+        $this->server->httpRequest = $request;
+        $this->server->exec();
+
+        $this->assertEquals('', $this->response->body);
+        $this->assertEquals('HTTP/1.1 201 Created',$this->response->status);
+        $this->assertEquals(array(
+            'Content-Length' => '0',
+        ),$this->response->headers);
+
+        $this->assertEquals('Testing finder',file_get_contents(SABRE_TEMPDIR . '/testput.txt'));
+
+    }
+
+    function testPutFail() {
+
+        $serverVars = array(
+            'REQUEST_URI'    => '/testput.txt',
+            'REQUEST_METHOD' => 'PUT',
+            'HTTP_X_EXPECTED_ENTITY_LENGTH' => '20',
+        );
+
+        $request = new Sabre_HTTP_Request($serverVars);
+        $request->setBody('');
+        $this->server->httpRequest = $request;
+        $this->server->exec();
+
+        $this->assertEquals('HTTP/1.1 403 Forbidden',$this->response->status);
+        $this->assertEquals(array(
+            'Content-Type' => 'application/xml; charset=utf-8',
+        ),$this->response->headers);
+
+        $this->assertFalse(file_exists(SABRE_TEMPDIR . '/testput.txt'));
+    }
+}
+
+?>
