4. [iCloud] CardDAV: wrong MIME type for 412 Precondition failed with XML description

[iCloud] CardDAV: wrong MIME type for 412 Precondition failed with XML description

  • R
    developer

    For reference and transparency: We have created this report on Apple Bug Reporter on 12 Oct 2018 here: https://bugreport.apple.com/web/?problemID=45222051

    Hello,

    When iCloud send 412 Precondition failed on an invalid sync-token, it uses "text/plain" instead of "application/xml" MIME type for the XML error description.

    Steps to reproduce:

    1. Send an HTTP REPORT sync-collection [https://tools.ietf.org/html/rfc6578#section-3.2] request with an invalid (outdated, etc.) sync-token to iCloud:
    REPORT url=https://p59-contacts.icloud.com/xxxx/carddavhome/card/
<?xml version='1.0' encoding='UTF-8' ?><sync-collection xmlns="DAV:"><sync-token>this-is-invalid</sync-token><sync-level>1</sync-level><prop><getetag /></prop></sync-collection>

    Actual result:

    Server responds with 412 Precondition Failed and valid-sync-token XML precondition element [https://tools.ietf.org/html/rfc6578#section-3.2]

    <-- 412 Precondition Failed
Server: AppleHttpServer/2f080fc0
Date: Fri, 12 Oct 2018 10:17:59 GMT
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
X-Apple-Jingle-Correlation-Key: xxxxxxxxxxxxx
apple-seq: 0
apple-tk: false
Apple-Originating-System: UnknownOriginatingSystem
X-Responding-Instance: carddav:15900201:st42p59ic-tyfb13213201:8001:1819B41:51222b91b
Via: xrail:st13p00ic-zteu25283601.me.com:8301:18H64:grp62
Strict-Transport-Security: max-age=31536000; includeSubDomains;
via: icloudedge:br30p01ic-zteu03012201:7401:18RC550:Berlin
X-Apple-Request-UUID: xxxxxxxxxxxxxxxx
access-control-expose-headers: X-Apple-Request-UUID
access-control-expose-headers: Via

<?xml version='1.0' encoding='UTF-8'?>
<error xmlns='DAV:'>
    <valid-sync-token/>
</error>

    As you can see, the Content-Type is "text/plain; charset=UTF-8", although it should be application/xml or text/xml [https://tools.ietf.org/html/rfc4918#section-8.2].

    This causes clients like our software DAVdroid to

    1. not parse the response as XML, so
    2. that valid-sync-token is not recognized as the reason why the request has failed, so
    3. DAVdroid does NOT retry without sync token, but aborts with an error message.
    4. So the sync has failed with an error message.

    Expected result:

    Same response, but with Content-Type: application/xml [https://tools.ietf.org/html/rfc4918#section-8.2].

    0
3rd-party issue 260 icloud 12