Handle unexpected HTTP method gracefully

Bug #558261 reported by kink
This bug affects 1 person
Affects: GNU Mailman
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

Hi!

When Mailman is confronted with an unexpected HTTP
method type (e.g. PROPFIND instead of GET/HEAD/POST),
it crashes. The attached patch fixes that more
gracefully by throwing the appropriate HTTP error.

Thanks for considering.
Thijs

Revision history for this message
kink (kink-users-sf) wrote :

The file 11_handle_propfind.patch was added: patch

ppsys (ppsys-users) wrote :


There is an alternative to fixing cgi scripts to cope with inappropriate
WebDAV methods being applied to them, which works regardless of whether
they are Mailman cgi scripts or not.

Configure Apache not to apply WebDAV methods to inappropriate resources
by the use of Apache directives such as DAV Off and LimitExcept GET POST.
See:

http://httpd.apache.org/docs/2.0/mod/mod_dav.html

and

http://httpd.apache.org/docs/2.0/mod/core.html#limitexcept

kink (kink-users-sf) wrote :


Yes, that's true. However, in any case mailman should output
a sensible error, I think?

ppsys (ppsys-users) wrote :


There are two issues:

1. Having Mailman's CGI scripts defend themselves against
inappropriate application of WebDAV methods is good and would
probably be required for RFC compliance if CGI had an RFC. The
fact that the fix only requires a change to a single driver script
to defend multiple functional scripts is a tribute to the
original design.

2. Inappropriate configuration of Apache servers with respect
to WebDAV is wrong.

 a. Many if not most legacy CGI scripts will not have been
 programmed to defend themselves against WebDAV methods.
 Fixing them on an existing system is time consuming and
 error prone. Fixing Apache config is easier and more
 reliable.

 b. Mailman's pipermail archives and many other served
 resources should also not be subject to WebDAV methods.
 Only getting the Apache config right can deal with this.

Fixing CGI scripts is good. Getting the Apache configuration
correct is more important.

msapiro (msapiro-users) wrote :

An equivalent patch has been applied for 2.1.12.
