[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Inf-IT DAVcl] CalDavZap


Hi  Zyrixx,

> On 27 Apr 2017, at 22:49, zyrixx <zyrixx@xxxxxxx> wrote:
> 
> Hallo, CalDAVZap now works so that it can be used productively? The last thing I had noticed was that with Firefoxtools you could read the password despite encryption.

the encryption between the server and the browser is different thing that the content in the browser. The username and password (if HTTP basic auth is used) is always visible in the browser console if you are logged in (in "worst case" you need to base64 decode the string in the console). Completely different problem is if someone can read your data when you are not logged in (the reason why I want encryption for indexedDB).

> The next is that Jan Mate always says that you should always look at his web server when it comes to features. It would be much better if Jan Mate explained how to activate what on his web server, so that CalDavZap works properly.
> 
> I use Horde and Roundcube and I need to change my webserver nothing. Also CalDAVSyns for Android or the CalDav Syncronizer work perfectly, without having to change something on the web server.
> 
> So what makes CalDavZap so extraordinary?

Sorry but I don't understand what are you talking about. If the problem is that you need to configure your CalDAV/CardDAV server to use InfCloud (and/or CaldavZAP/CardDavMATE) then first READ the readme.txt. There is NOTHING extraordinary in CalDavZAP, but it is a JavaScript client and it runs in a browser - and because there are limitations IN BROWSER (read the CORS - https://www.w3.org/TR/cors/ <https://www.w3.org/TR/cors/>) you need to configure your SERVER according to CORS requirements.

That limitation is NOT related to CalDavZAP, there is NO WAY to solve it in CalDavZAP and I am NOT interested in writing manual for ALL CalDAV/CardDAV server on this planet.

I have no problem to communicate with CalDAV/CardDAV server/client developers to help them (even if the CORS is all they need to read), but do NOT expect that I will provide a 24/7 online help for individual users for these servers. Most of them have minimal (or no) technical skills and/or understanding of problems and they want something like: "say me exactly what/where to do to get it working".

If a SERVER developer implements the required headers (described in CORS above) then the configuration of CalDavZAP will be super easy, and will not require any modification on server side - but that's NOT my work.


Cheers,


JM

Attachment: smime.p7s
Description: S/MIME cryptographic signature


References:
[Inf-IT DAVcl] CalDavZap"zyrixx" <zyrixx@xxxxxxx>