Thanks for your answer Ján.
Your explanation make me think that the problem comes from the "401 Unauthorized" answer, thought it is a normal behavior since I need to authenticate against DAViCal. My browser should try to authenticate with the user/password entered I entered, which is not the case.
Julien
On Wed, July 10, 2013 16:07, Ján Máté wrote:
No you do not need customization. If the OPTIONS request fails then the "RewriteRule ^(.*)$ $1 [R=200,L]" is not processed.
RewriteCond %{HTTP:Access-Control-Request-Method} !^$ RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]
says that the server MUST reply with 200 code (success) if any OPTIONS request is performed with "Access-Control-Request-Method" header set (and this is set by your browser if it performs a cross domain query = this is the "preflight request" in CORS).
JM
On Jul 10, 2013, at 3:59 PM, "Julien Métairie" ruliane@ruliane.net wrote:
Hi Ján,
I forgot to mention this part of the setup : I activated mod_headers and mod_rewrite and then added the following to my default vhost (copy/paste from config_davical.txt) :
RewriteEngine On
<IfModule mod_headers.c> Header unset Access-Control-Allow-Origin Header unset Access-Control-Allow-Methods Header unset Access-Control-Allow-Headers Header unset Access-Control-Allow-Credentials Header unset Access-Control-Expose-Headers
Header always set Access-Control-Allow-Origin "*" Header always set Access-Control-Allow-Methods "GET,POST,OPTIONS,PROPFIND,REPORT,PUT,MOVE,DELETE,LOCK,UNLOCK" Header always set Access-Control-Allow-Headers "User-Agent,Authorization,Content-type,Depth,If-match,If-None-Match,Lock-Token,Timeout,Destination,Overwrite,X-client,X-Requested-With" Header always set Access-Control-Allow-Credentials true Header always set Access-Control-Expose-Headers "Etag" RewriteCond %{HTTP:Access-Control-Request-Method} !^$ RewriteCond %{REQUEST_METHOD} OPTIONS RewriteRule ^(.*)$ $1 [R=200,L]
</IfModule>
Is there something to be customized ?
Julien
On Wed, July 10, 2013 15:39, Ján Máté wrote:
Your apache configuration is wrong - you need to add CORS headers to your server response - see misc/config_davical.txt
JM
On Jul 10, 2013, at 3:08 PM, "Julien Métairie" ruliane@ruliane.net wrote:
Hi everybody,
I am trying to use CalDavZap with crossdomain. My DaviCAL installation is located at http://davical.my.domain/. My CalDavZap installation is located at http://appart.my.domain/caldavzap/.
I configured my Apache vhost and set the following in config.js : var globalNetworkCheckSettings={ href: location.protocol+'//davical.my.domain/caldav.php/', hrefLabel: null, crossDomain: true, additionalResources: [], forceReadOnly: null, withCredentials: false, showHeader: true, settingsAccount: true, checkContentType: true, syncInterval: 60000, timeOut: 30000, lockTimeOut: 10000, delegation: false, ignoreAlarms: false, backgroundCalendars: [] }
When I visit http://appart.my.domain/caldavzap/ I am prompted to enter credentials (in an HTML form). When I enter credentials, the following lines appear in the console (using Firefox 22.0) : OPTIONS http://davical.my.domain/caldav.php/ [HTTP/1.1 401 Unauthorized 160ms] Error: [netCheckAndCreateConfiguration: 'http://davical.my.domain/caldav.php/'] code: '404'
Any idea ? Julien