Connect to a site via SSL/DavWWWRoot not usual URL? Why does this make a difference?

五迷三道 提交于 2021-02-10 18:00:23

问题


Follow on from this question:

Can i over-ride IE enterprise mode from HTML?

I succeeded, in hosting a D3 SVG visualisation on my company sharepoint site.

The Initial Issue: My internal company sharepoint site has enterprise mode settings in IE that was forcing me from IE11 into an IE8 environment per my console:

HTML1122: Internet Explorer is running in Enterprise Mode emulating IE8.

The workaround: Connect to site via the SSL in the browser, not via http/https URL. The connection looks something like this: file://xxx.xxx.xx.xx.net@ssl/DavWWWRoot/xxx/xxx/index.html

I type it in the browser where a URL would go and it loads up perfectly. Albeit a little slowly.

The question: the work around was a suggestion that wasn't fully explained to me but works a treat. What exactly is happening here? Could someone explain what the file I am accessing is and why the sharepoint rules don't apply? Does this process by pass any security I should be concerned about?


回答1:


It means you're accessing your web server using the WebDAV Redirector which is a feature specific to Windows.

A WebDAV endpoint is a web server that supports WebDav, a standard protocol over HTTP or HTTPS transport. Basically, WebDAV allows to expose a pseudo file system (files and folders) over HTTP(S). SharePoint does support WebDAV.

So, the Windows WebDAV redirector is an OS driver that "mounts" the WebDav pseudo remote file system as a virtual file system, so it can be seen like by all Windows apps like a "drive" (it's similar to what happens when you "mount" an ISO disk).

The document explains how you can manually connect to a WebDAV endpoint. In this case, you will get a drive letter. But you can connect implicitely, which is what happens here, this is why the 'DavWWWRoot' keyword exists (it's known to Windows), to allow for implicit connections, w/o having to map the drive explicitely.

So this file path:

\\myserver\DavWWWRoot\mypath\myfile.ext

will implicitely connect to the myserver WebDav HTTP server, though the WebDAV redirector. It is equivalent to this url with a file scheme:

 file://myserver/DavWWWRoot/mypath/myfile.ext

@ssl is another hardcoded keyword trick that instructs the WebDav redirector to use HTTPS instead of HTTP.

So, in the end, it means you're accessing the SharePoint file using HTTPS, but as a file on a remote disk (like a share). There is no security breach per se (WebDav redirector uses HTTPS authentication, etc.) but IE rules may be different, it depends on your IE settings.



来源:https://stackoverflow.com/questions/49805544/connect-to-a-site-via-ssl-davwwwroot-not-usual-url-why-does-this-make-a-differe

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!