<html> <head> <base href="https://bugs.documentfoundation.org/"> </head> <body><table border="1" cellspacing="0" cellpadding="8"> <tr> <th>Bug ID</th> <td><a class="bz_bug_link bz_status_UNCONFIRMED " title="UNCONFIRMED - Since version LibreOffice 6.4, Webdav cookie authentication is not possible." href="https://bugs.documentfoundation.org/show_bug.cgi?id=141164">141164</a> </td> </tr> <tr> <th>Summary</th> <td>Since version LibreOffice 6.4, Webdav cookie authentication is not possible. </td> </tr> <tr> <th>Product</th> <td>LibreOffice </td> </tr> <tr> <th>Version</th> <td>6.4.0.1 rc </td> </tr> <tr> <th>Hardware</th> <td>All </td> </tr> <tr> <th>OS</th> <td>Windows (All) </td> </tr> <tr> <th>Status</th> <td>UNCONFIRMED </td> </tr> <tr> <th>Severity</th> <td>normal </td> </tr> <tr> <th>Priority</th> <td>medium </td> </tr> <tr> <th>Component</th> <td>Writer </td> </tr> <tr> <th>Assignee</th> <td>libreoffice-bugs@lists.freedesktop.org </td> </tr> <tr> <th>Reporter</th> <td>Demarthe@neoledge.com </td> </tr></table> <p> <div> <pre>Description: Edit files from our Websites with "IT Hit Webdav Ajax Library" (<a href="https://www.webdavsystem.com/ajax/">https://www.webdavsystem.com/ajax/</a>) is not possible with cookie authentication. Steps to Reproduce: 1. On windows 10, mount a shared network on webdav url <a href="https://myServerDomain.com/DAV">https://myServerDomain.com/DAV</a> 2. Open file with this kind of url \\myServerDomain.com@SSL\DavWWWRoot\DAV\ioC8Whe4fk-2QhGllJokKA\sample.odt 3. LibreOffice should open the file with no webdav protocol (or manage cookies in webdav http calls.) Actual Results: Windows Webclient is no more used. LibreOffice opens our network file with the webdav protocol. Http Cookies are not kept and sent back during the exchanges with our application. Expected Results: Cookies must be managed by LibreOffice during the http calls and sent back. or \\server@SSL\DavWWWRoot\ should not be managed to keep Windows access to the file (without lock and full webdav) Reproducible: Always User Profile Reset: No Additional Info: Our application is using IT Hit Webdav Ajax Library to edit LibreOffice files (<a href="https://www.webdavsystem.com/ajax/">https://www.webdavsystem.com/ajax/</a>). Sample url : <a href="https://myServerDomain.com/DAV/ioC8Whe4fk-2QhGllJokKA/sample.odt">https://myServerDomain.com/DAV/ioC8Whe4fk-2QhGllJokKA/sample.odt</a> This tool opens a windows folder on the url like <a href="https://myServerDomain.com/DAV">https://myServerDomain.com/DAV</a> and then we can open our files like a file in shared network. \\myServerDomain.com@SSL\DavWWWRoot\DAV\ioC8Whe4fk-2QhGllJokKA\sample.odt This uses the Windows service "WebClient" to host all the web calls to open the remote file. The user-agent seen by our application is "Microsoft-WebDAV-MiniRedir". Since the first version 6.4 (we tested on the rc and not the 6.4 alpha), Libreoffice detects that the shared network is a webdav share and starts a webdav communication with our application. Very nice. We see a user-Agent "LibreOffice" in the http request but the authentication cookie is lost during the calls. Without the cookie, user is disconnected and it's a HTTP 401. User sees a prompt for a basic authentication by login/password. We used a single-use token in the url to authenticate our user on a file. This is the best trick to manage openId session on our application.</pre> </div> </p> <hr> <span>You are receiving this mail because:</span> <ul> <li>You are the assignee for the bug.</li> </ul> </body> </html>