WebDAV Properties <properties>
Overview Compatibility Setup How To Configuration Sample Code
Print Email
Overview
The <properties> element of the <authoring> element defines the locking behavior for the
WebDAV module. More specifically, the <properties> element contains attributes that define
whether custom WebDAV properties are enabled, whether anonymous or infinite property
requests are allowed, and may contain a series of <add> elements that define mappings for XML
namespaces to property store providers.
Note: WebDAV defines two types of properties:
"Live" properties: These properties exist in the underlying file system. For example, the file name and file size. These properties are always supported.
"Dead" properties: These properties are user-defined and are stored in a property store. For example, the author of a document or the template that was used.
In order to use "dead" properties, you must set the allowCustomProperties of the
<properties> element to true, and define a mapping for an XML namespace to property
provider from the list of property providers that are defined in the <propertyStores> collection.
Compatibility
Version
Notes
IIS 7.5 The <properties> element of the <authoring> element ships as a feature of IIS 7.5.
IIS 7.0The <properties> element of the <authoring> element was introduced in WebDAV 7.0, which was a separate download for IIS 7.0.
IIS 6.0 N/A
Note: The WebDAV 7.0 and WebDAV 7.5 modules shipped out-of-band for IIS 7.0, which required
downloading and installing the modules from the following URL:
http://www.iis.net/expand/WebDAV
With Windows 7 and Windows Server 2008 R2, the WebDAV 7.5 module ships as a feature for IIS
7.5, so downloading WebDAV is no longer necessary.
Setup
To support WebDAV publishing for your Web server, you must install the WebDAV module. To do
so, use the following steps.
IIS 7.5 for Windows Server 2008 R2
1. On the taskbar, click Start, point to Administrative Tools, and then click Server Manager.
2. In the Server Manager hierarchy pane, expand Roles, and then click Web Server (IIS). 3. In the Web Server (IIS) pane, scroll to the Role Services section, and then click Add
Role Services. 4. On the Select Role Services page of the Add Role Services Wizard, expand Common
HTTP Features, select WebDAV Publishing, and then click Next.
5. On the Confirm Installation Selections page, click Install. 6. On the Results page, click Close.
IIS 7.5 for Windows 7
1. On the taskbar, click Start, and then click Control Panel. 2. In Control Panel, click Programs and Features, and then click Turn Windows
Features on or off. 3. Expand Internet Information Services, then World Wide Web Services, and then
Common HTTP Features.
4. Select WebDAV Publishing, and then click OK.
IIS 7.0 for Windows Server 2008 and Windows Vista
Download the installation package from the following URL: http://www.iis.net/expand/WebDAV
Follow the instructions in the following walkthrough to install the WebDAV module: Installing and Configuring WebDAV on IIS 7.0
How To
How to configure WebDAV properties for a Web site
1. Open Internet Information Services (IIS) Manager: If you are using Windows Server 2008 or Windows Server 2008 R2:
On the taskbar, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
If you are using Windows Vista or Windows 7: On the taskbar, click Start, and then click Control Panel. Double-click Administrative Tools, and then double-click Internet
Information Services (IIS) Manager. 2. In the Connections pane, expand the server name, expand the Sites node, and then
click the name of the site. 3. In the site's Home pane, double-click WebDAV Authoring Rules.
4. When the WebDAV Authoring Rules page is displayed, click WebDAV Settings in the Actions pane.
5. When the WebDAV Settings page is displayed, specify the following options in the Property Behavior section:
Set Allow anonymous property queries to False. Set Allow custom properties to True. Set Allow property queries with infinite depth to False.
6. Click the ellipsis (...) button to launch the Namespace Collection Editor.
7. Click Add and then choose webdav_simple_prop from the drop-down list 8. Specify "*" for the XmlNameSpace and then click OK. 9. Once you have completed the previous steps, click Apply in the Actions pane.
Configuration
The <properties> element is configurable only at the site level in the ApplicationHost.config
file. Any <properties> elements at other levels or in Web.config files are ignored.
Attributes
Attribute Description
allowAnonymousPropfind
Optional Boolean attribute.
true if anonymous WebDAV property requests are allowed;
otherwise, false.
Important: Most WebDAV verbs require authentication;
however, anonymous WebDAV property requests may be
allowed for backwards-compatibility for some WebDAV clients.
Unless there is a specific requirement for your environment,
anonymous WebDAV property requests should always be
disabled because they introduce the chance of information
disclosure for a Web site. For example, an anonymous WebDAV
client can retrieve a list of files in your application.
The default value is false.
allowInfinitePropfindDepth
Optional Boolean attribute.
true if infinite-depth WebDAV property requests are allowed; otherwise, false.
Important: Allowing infinite-depth WebDAV property requests is strongly discouraged due to the amount of CPU time that may be required to fullfill an infinite-depth WebDAV property request. This could even lead to a denial of service for your application. Unless there is a specific requirement for your environment, infinite-depth WebDAV property requests should always be disabled.
The default value is false.
allowCustomProperties
Optional Boolean attribute.
true if custom WebDAV properties are allowed; otherwise, false.
Note: Custom WebDAV properties are also known as "dead" properties.
Note: If allowCustomProperties is set to true but no property stores are defined or there are no XML namespace to property store mappings, no custom properties can be stored.
The default value is true.
Child Elements
Element
Description
addOptional element.
Adds a mapping for an XML namespace to a property provider.
clearOptional element.
Clears all the existing namespace mappings.
remove
Optional element.
Removes a mapping from the list of XML namespaces to property
providers.
Configuration Sample
The following example lists a sample <webdav> element for the Default Web Site. This example
clears any existing authoring rules, adds a single rule for the administrators group, enables
WebDAV authoring, specifies that hidden files are allowed, enables WebDAV locks and specifies
the lock provider, and enables WebDAV properties and specifies the default XML namespace for
property mapping.
<location path="Default Web Site"> <system.webServer> <webdav> <authoringRules defaultAccess="none" allowNonMimeMapFiles="true" defaultMimeType="text/plain"> <clear /> <add roles="administrators" path="*" access="Read, Write, Source" /> </authoringRules> <authoring enabled="true" requireSsl="false"> <fileSystem allowHiddenFiles="true" /> <locks enabled="true" lockStore="webdav_simple_lock" requireLockForWriting="false" /> <properties allowAnonymousPropfind="false" allowInfinitePropfindDepth="false" allowCustomProperties="true"> <clear /> <add xmlNamespace="*" propertyStore="webdav_simple_prop" /> </properties> </authoring> </webdav> </system.webServer></location>
Sample Code
The following examples configure the WebDAV property settings so that both anonymous and
infinite depth property queries are disabled, and enable custom properties with the default XML
namespace mapped to the built-in webdav_simple_prop provider.
AppCmd.exe
appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoring /properties.allowAnonymousPropfind:"False" /commit:apphost
appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoring /properties.allowInfinitePropfindDepth:"False" /commit:apphost
appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoring /properties.allowCustomProperties:"True" /commit:apphost
appcmd.exe set config "Default Web Site" -section:system.webServer/webdav/authoring /+"properties.[xmlNamespace='*',propertyStore='webdav_simple_prop']" /commit:apphost
Note: You must be sure to set the commit parameter to apphost when you use AppCmd.exe to
configure these settings. This commits the configuration settings to the appropriate location
section in the ApplicationHost.config file.
C#
using System;
using System.Text;
using Microsoft.Web.Administration;
internal static class Sample
{
private static void Main()
{
using (ServerManager serverManager = new ServerManager())
{
Configuration config = serverManager.GetApplicationHostConfiguration();
ConfigurationSection authoringSection = config.GetSection("system.webServer/webdav/authoring", "Default Web Site");
ConfigurationElement propertiesElement = authoringSection.GetChildElement("properties");
propertiesElement["allowAnonymousPropfind"] = false;
propertiesElement["allowInfinitePropfindDepth"] = false;
propertiesElement["allowCustomProperties"] = true;
ConfigurationElementCollection propertiesCollection = propertiesElement.GetCollection();
ConfigurationElement addElement = propertiesCollection.CreateElement("add");
addElement["xmlNamespace"] = @"*";
addElement["propertyStore"] = @"webdav_simple_prop";
propertiesCollection.Add(addElement);
serverManager.CommitChanges();
}
}
}
VB.NET
Imports System
Imports System.Text
Imports Microsoft.Web.Administration
Module Sample
Sub Main()
Dim serverManager As ServerManager = New ServerManager
Dim config As Configuration = serverManager.GetApplicationHostConfiguration
Dim authoringSection As ConfigurationSection = config.GetSection("system.webServer/webdav/authoring", "Default Web Site")
Dim propertiesElement As ConfigurationElement = authoringSection.GetChildElement("properties")
propertiesElement("allowAnonymousPropfind") = False
propertiesElement("allowInfinitePropfindDepth") = False
propertiesElement("allowCustomProperties") = True
Dim propertiesCollection As ConfigurationElementCollection = propertiesElement.GetCollection
Dim addElement As ConfigurationElement = propertiesCollection.CreateElement("add")
addElement("xmlNamespace") = "*"
addElement("propertyStore") = "webdav_simple_prop"
propertiesCollection.Add(addElement)
serverManager.CommitChanges()
End Sub
End Module
JavaScript
var adminManager = new ActiveXObject('Microsoft.ApplicationHost.WritableAdminManager');
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST";
var authoringSection = adminManager.GetAdminSection("system.webServer/webdav/authoring", "MACHINE/WEBROOT/APPHOST/Default Web Site");
var propertiesElement = authoringSection.ChildElements.Item("properties");
propertiesElement.Properties.Item("allowAnonymousPropfind").Value = false;
propertiesElement.Properties.Item("allowInfinitePropfindDepth").Value = false;
propertiesElement.Properties.Item("allowCustomProperties").Value = true;
var propertiesCollection = propertiesElement.Collection;
var addElement = propertiesCollection.CreateNewElement("add");
addElement.Properties.Item("xmlNamespace").Value = "*";
addElement.Properties.Item("propertyStore").Value = "webdav_simple_prop";
propertiesCollection.AddElement(addElement);
adminManager.CommitChanges();
VBScript
Set adminManager = createObject("Microsoft.ApplicationHost.WritableAdminManager")
adminManager.CommitPath = "MACHINE/WEBROOT/APPHOST"
Set authoringSection = adminManager.GetAdminSection("system.webServer/webdav/authoring", "MACHINE/WEBROOT/APPHOST/Default Web Site")
Set propertiesElement = authoringSection.ChildElements.Item("properties")
propertiesElement.Properties.Item("allowAnonymousPropfind").Value = False
propertiesElement.Properties.Item("allowInfinitePropfindDepth").Value = False
propertiesElement.Properties.Item("allowCustomProperties").Value = True
Set propertiesCollection = propertiesElement.Collection
Set addElement = propertiesCollection.CreateNewElement("add")
addElement.Properties.Item("xmlNamespace").Value = "*"
addElement.Properties.Item("propertyStore").Value = "webdav_simple_prop"
propertiesCollection.AddElement(addElement)
adminManager.CommitChanges()
Configuration SettingsView by Schema View Alphabetical
access activation activeDirectory (userIsolation) activeDirectory (userIsolation) alwaysAllowedQueryStrings alwaysAllowedUrls anonymousAuthentication (authentication) anonymousAuthentication (authentication) anonymousAuthentication (authentication) application (applicationDependencies) application (fastCgi) application (site)
applicationDefaults (site) applicationDefaults (sites) applicationDependencies applicationPoolDefaults applicationPools appliesTo areas asp authentication (management) authentication (security) authentication (security) authentication (security) authoring authoringRules authorization (management) authorization (security) authorization (security) authorizationRules basicAuthentication (authentication) basicAuthentication (authentication) basicAuthentication (authentication) binding (bindings) binding (bindings) bindings (site) bindings (siteDefaults) cache caching (system.ftpServer) caching (system.webServer) centralBinaryLogFile centralLogFile centralW3CLogFile cgi clientCache clientCertAuthentication (authentication) clientCertAuthentication (authentication) clientCertificateMappingAuthentication commandFiltering (security) commandFiltering (security) comPlus configHistory configPaths configurationRedirection connections (ftpServer) connections (ftpServer) cpu credentials credentialsCache customAuthentication (authentication) customAuthentication (authentication) customFeatures (ftpServer) customFeatures (ftpServer) customHeaders customMetadata dataChannelSecurity (security) dataChannelSecurity (security) defaultDocument denyQueryStringSequences denyStrings
denyUrlSequences (requestFiltering) denyUrlSequences (requestFiltering) digestAuthentication directoryBrowse (ftpServer) directoryBrowse (ftpServer) directoryBrowse (system.webServer) dynamicTypes environmentVariable environmentVariables error extendedProtection failure failureDefinitions fastCgi fileExtensions (requestFiltering) fileExtensions (requestFiltering) fileHandling (ftpServer) fileHandling (ftpServer) files fileSystem filter filteringRule filteringRules firewallSupport (ftpServer) firewallSupport (ftpServer) firewallSupport (system.ftpServer) ftpServer (site) ftpServer (siteDefaults) globalModules globalSettings handlers headerLimits hiddenSegments (requestFiltering) hiddenSegments (requestFiltering) hostNameSupport httpCompression httpErrors httpLogging httpProtocol httpRedirect httpTracing iisClientCertificateMappingAuthentication ipSecurity (security) ipSecurity (security) isapiCgiRestriction isapiFilters key limits (asp) limits (site) limits (siteDefaults) listenerAdapters locks lockStores log (system.applicationHost) log (system.ftpServer) logFile (ftpServer) logFile (ftpServer) logFile (site)
logFile (siteDefaults) management manyToOneMappings messages (ftpServer) messages (ftpServer) mimeMap moduleProviders modules (configuration) modules (system.webServer) odbcLogging oneToOneMappings periodicRestart processModel profiles properties property propertyStores providerData providerDefinitions providers (authentication) providers (authorization) providers (customAuthentication) providers (customAuthentication) providers (customFeatures) providers (customFeatures) providers (windowsAuthentication) recycling redirectHeaders requestFiltering (security) requestFiltering (security) requestLimits (requestFiltering) requestLimits (requestFiltering) rules scanHeaders schedule scheme scope searchResult section security (ftpServer) security (ftpServer) security (system.ftpServer) security (system.webServer) serverRuntime (system.ftpServer) serverRuntime (system.webServer) serverSideInclude serviceAutoStartProviders session (asp) session (sessions) sessions site siteDefaults sites spn ssl (security) ssl (security) sslClientCertificates (security) sslClientCertificates (security)
staticContent staticTypes system.applicationHost system.ftpServer system.webServer traceAreas traceFailedRequests traceFailedRequestsLogging (site) traceFailedRequestsLogging (siteDefaults) traceProviderDefinitions traceUrls tracing trustedProviders urlCompression userIsolation (ftpServer) userIsolation (ftpServer) validation verbs virtualDirectory virtualDirectoryDefaults (application) virtualDirectoryDefaults (site) virtualDirectoryDefaults (sites) webdav webLimits windowsAuthentication
<configuration> o <configPaths>
<searchResult> <section>
o <configurationRedirection> o <moduleProviders> o <modules> o <system.applicationHost>
<applicationPools> <applicationPoolDefaults>
<configHistory> <customMetadata>
<key> <property>
<listenerAdapters> <log>
<centralBinaryLogFile> <centralW3CLogFile>
<sites> <applicationDefaults> <site>
<application> <virtualDirectory> <virtualDirectoryDefaults>
<applicationDefaults> <bindings>
<binding> <limits> <logFile> <traceFailedRequestsLogging> <virtualDirectoryDefaults> <ftpServer>
<connections> <security>
<dataChannelSecurity> <commandFiltering> <ssl> <sslClientCertificates> <authentication>
<anonymousAuthentication> <basicAuthentication> <clientCertAuthentication> <customAuthentication>
<providers> <customFeatures>
<providers> <messages> <fileHandling> <firewallSupport> <userIsolation>
<activeDirectory> <directoryBrowse> <logFile> <sessions>
<session> <siteDefaults>
<limits> <logFile> <traceFailedRequestsLogging> <bindings>
<binding> <ftpServer>
<connections> <security>
<dataChannelSecurity> <commandFiltering> <ssl> <sslClientCertificates> <authentication>
<anonymousAuthentication> <basicAuthentication> <clientCertAuthentication> <customAuthentication>
<providers> <customFeatures>
<providers> <messages> <fileHandling> <firewallSupport> <userIsolation>
<activeDirectory> <directoryBrowse> <logFile>
<virtualDirectoryDefaults> <webLimits> <serviceAutoStartProviders>
o <system.ftpServer> <log>
<centralLogFile> <firewallSupport>
<providerDefinitions> <activation>
<providerData> <security>
<authorization> <ipSecurity> <requestFiltering>
<fileExtensions> <requestLimits> <hiddenSegments> <denyUrlSequences>
<caching> <credentialsCache>
<serverRuntime> <hostNameSupport>
o <system.webServer> <asp>
<cache> <comPlus> <limits> <session>
<caching> <profiles>
<cgi> <defaultDocument>
<files> <directoryBrowse> <fastCgi>
<application> <environmentVariables>
<environmentVariable> <globalModules> <handlers> <httpCompression>
<dynamicTypes> <scheme> <staticTypes>
<httpErrors> <error>
<httpLogging> <httpProtocol>
<customHeaders> <redirectHeaders>
<httpRedirect> <httpTracing>
<traceUrls> <isapiFilters>
<filter> <management>
<authentication> <credentials> <providers>
<authorization> <authorizationRules>
<scope> <providers>
<trustedProviders> <modules>
<odbcLogging> <security>
<access> <applicationDependencies>
<application> <authentication>
<anonymousAuthentication> <basicAuthentication> <clientCertificateMappingAuthentication> <digestAuthentication> <iisClientCertificateMappingAuthentication>
<manyToOneMappings> <oneToOneMappings>
<windowsAuthentication> <providers> <extendedProtection>
<spn> <authorization> <ipSecurity> <isapiCgiRestriction> <requestFiltering>
<denyUrlSequences> <fileExtensions> <hiddenSegments> <requestLimits>
<headerLimits> <verbs> <alwaysAllowedUrls> <alwaysAllowedQueryStrings> <denyQueryStringSequences> <filteringRules>
<filteringRule> <scanHeaders> <appliesTo> <denyStrings>
<serverRuntime> <serverSideInclude> <staticContent>
<clientCache> <mimeMap>
<tracing> <traceFailedRequests> <traceProviderDefinitions>
<urlCompression> <validation> <webdav>
<globalSettings> <propertyStores> <lockStores>
<authoring> <fileSystem> <locks> <properties>
<authoringRules>
Deprecated Elements
Servers Windows Server SQL Server Windows Server AppFabric
Technologies .NET Framework ASP.NET Silverlight PHP on Windows IIS Media Services
Tools Visual Studio Expression Studio Windows Internet Explorer
Web Apps SharePoint Server Commerce Server BizTalk Server Web App Gallery
Communities ASP.NET Community Visual Studio Community IIS Community Silverlight Community MSDN Community Center Channel 8 Channel 9 Channel 10 CodePlex
Blogs MSDN Blogs Web Tools Team Blog Web Platform Team Blog Silverlight Team Blog IE Team Blog Mix Online Scott Guthrie's Blog Scott Hanselman's Blog
Information For... IT professionals (TechNet) Web Developers (MSDN) Web Designers (Expression) Enterprise Organizations Hosters
Interested in Advertising with us? | Issue Management by Axosoft's OnTime
Terms of Use Privacy Statement About our Team Questions/Problems
© 2011 Microsoft Corporation. All Rights Reserved.