Windows 10 will reach EOS (end of support) on October 14, 2025. For more information, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

കൂടുതലറിയുക

CalDav and CardDav autoconfig

  • 1 മറുപടി
  • 0 have this problem
  • 2 കാഴ്ചകൾ
  • Last reply by point4d

point4d
point4d
more options

Hello. I'm trying to set up automatic config for DAV contacts and calendars located on my Nextcloud server. I've followed this doc: https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat and I've managed to get at least the calendar to connect, but with one unfortunate condition: I have to open Thunderbird's about:config and set browser.opaqueResponseBlocking and browser.opaqueResponseBlocking.javascriptValidator to false.

Otherwise the request to DAV gets blocked by Thunderbird for some reason. Here is some information about my current setup: IMAP and SMTP servers are located at mail.mydomain.com, and email addresses look like user@mydomain.com. The webserver serving config-v1.1.xml is located there too, but it's behind a reverse proxy, which also proxies nextcloud.mydomain.com. When I add a new account to Thunderbird, it requests mydomain.com/.well-known/autoconfig/mail/config-v1.1.xml, so I've added a redirection rule on the reverse proxy which sends it to mail.mydomain.com and it seems to be working ok. I've added this section to the xml file: 

   <addressBook type="carddav">
     <username>%EMAILLOCALPART%</username>
     <authentication>http-basic</authentication>
     <serverURL>https://nextcloud.mydomain.com/remote.php/dav/</serverURL>
   </addressBook>

   <calendar type="caldav">
     <username>%EMAILLOCALPART%</username>
     <authentication>http-basic</authentication>
     <serverURL>https://nextcloud.mydomain.com/remote.php/dav/</serverURL>
   </calendar>

(username on the Nextcloud matches the local part of the email address)

But looking at Network tab of the dev console I can still see that it's trying to get well-known dav from my top level domain. So I add redirection from there too: mydomain.com/.well-known/caldav -> https://nextcloud.mydomain.com mydomain.com/.well-known/carddav -> https://nextcloud.mydomain.com

Finally I can see the request is made to correct address: 207 PROPFIND nextcloud.mydomain.com/remote.php/dav But the icon shows it's blocked and there is a message in the JS console: The resource at “https://nextcloud.mydomain.com/remote.php/dav” was blocked by OpaqueResponseBlocking. Reason: “nosniff is true and mimeType is an opaque-blocklisted MIME type or its essence is 'text/plain'”.

I've found 2 settings I can switch off: browser.opaqueResponseBlocking = false browser.opaqueResponseBlocking.javascriptValidator = false And after that, viola - I can see my calendars showing up upon adding the account (but not contacts, I think it's a separate issue and I have to check everything).

My question is: is it possible to set this up without manually switching Thunderbird options on every machine? Some HTTP headers, perhaps?

Hello. I'm trying to set up automatic config for DAV contacts and calendars located on my Nextcloud server. I've followed this doc: https://wiki.mozilla.org/Thunderbird:Autoconfiguration:ConfigFileFormat and I've managed to get at least the calendar to connect, but with one unfortunate condition: I have to open Thunderbird's about:config and set browser.opaqueResponseBlocking and browser.opaqueResponseBlocking.javascriptValidator to false. Otherwise the request to DAV gets blocked by Thunderbird for some reason. Here is some information about my current setup: IMAP and SMTP servers are located at mail.mydomain.com, and email addresses look like user@mydomain.com. The webserver serving config-v1.1.xml is located there too, but it's behind a reverse proxy, which also proxies nextcloud.mydomain.com. When I add a new account to Thunderbird, it requests mydomain.com/.well-known/autoconfig/mail/config-v1.1.xml, so I've added a redirection rule on the reverse proxy which sends it to mail.mydomain.com and it seems to be working ok. I've added this section to the xml file: <addressBook type="carddav"> <username>%EMAILLOCALPART%</username> <authentication>http-basic</authentication> <serverURL>https://nextcloud.mydomain.com/remote.php/dav/</serverURL> </addressBook> <calendar type="caldav"> <username>%EMAILLOCALPART%</username> <authentication>http-basic</authentication> <serverURL>https://nextcloud.mydomain.com/remote.php/dav/</serverURL> </calendar> (username on the Nextcloud matches the local part of the email address) But looking at Network tab of the dev console I can still see that it's trying to get well-known dav from my top level domain. So I add redirection from there too: mydomain.com/.well-known/caldav -> https://nextcloud.mydomain.com mydomain.com/.well-known/carddav -> https://nextcloud.mydomain.com Finally I can see the request is made to correct address: 207 PROPFIND nextcloud.mydomain.com/remote.php/dav But the icon shows it's blocked and there is a message in the JS console: The resource at “https://nextcloud.mydomain.com/remote.php/dav” was blocked by OpaqueResponseBlocking. Reason: “nosniff is true and mimeType is an opaque-blocklisted MIME type or its essence is 'text/plain'”. I've found 2 settings I can switch off: browser.opaqueResponseBlocking = false browser.opaqueResponseBlocking.javascriptValidator = false And after that, viola - I can see my calendars showing up upon adding the account (but not contacts, I think it's a separate issue and I have to check everything). My question is: is it possible to set this up without manually switching Thunderbird options on every machine? Some HTTP headers, perhaps?

എല്ലാ മറുപടികളും (1)

point4d
point4d Question owner
more options

I've discovered that adding addressBook and calendar parameters to config-v1.1.xml does not make any difference. The DAV request is always coming to the domain which the email address belongs to.

Request: PROPFIND https://mydomain.com/.well-known/carddav Response: 301 location: https://nextcloud.mydomain.com/.well-known/carddav

Request: PROPFIND https://nextcloud.mydomain.com/.well-known/carddav Response: 301 location: https://nextcloud.mydomain.com/remote.php/dav

Request: PROPFIND https://nextcloud.mydomain.com/remote.php/dav Response: 207 "content-security-policy: default-src 'none';" "content-type: application/xml; charset=utf-8" some xml data

Request: PROPFIND https://mydomain.com/remote.php/dav Response: 404

The last request doesn't make any sense. It contains a part of the address "/remote.php/dav" from the domain it was redirected to, but the request comes to the wrong domain. Is it a bug in Thunderbird? After adding the redirect from https://mydomain.com/remote.php/dav to https://nextcloud.mydomain.com CardDAV service is working.

But I still haven't figured out a way to configure it correctly without going to about:config. I could probably modify the content-security-policy header coming from Nextcloud, but there is a post on Nextcloud forums that warns about danger of doing that, it says that CSP headers should be managed by Nextcloud's PHP code.

Modified by point4d

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.