From fd977891e8016eb5323ab0bfaa58f2f84dfe13ce Mon Sep 17 00:00:00 2001
From: Unrud <unrud@openaliasbox.org>
Date: Mon, 1 Aug 2016 09:31:25 +0200
Subject: [PATCH] Remove /.well-known I can't think of a sane use-case for
 this.

---
 config               |  9 ---------
 radicale/__init__.py | 22 +++-------------------
 radicale/config.py   |  3 ---
 3 files changed, 3 insertions(+), 31 deletions(-)

diff --git a/config b/config
index 720fc1a..a0922b3 100644
--- a/config
+++ b/config
@@ -70,15 +70,6 @@
 #stock = utf-8
 
 
-[well-known]
-
-# Path where /.well-known/caldav/ is redirected
-#caldav = /
-
-# Path where /.well-known/carddav/ is redirected
-#carddav = /
-
-
 [auth]
 
 # Authentication method
diff --git a/radicale/__init__.py b/radicale/__init__.py
index 7ececaf..fa12f21 100644
--- a/radicale/__init__.py
+++ b/radicale/__init__.py
@@ -53,8 +53,6 @@ VERSION = "2.0.0rc0"
 # tries to access information they don't have rights to
 NOT_ALLOWED = (client.FORBIDDEN, {}, None)
 
-WELL_KNOWN_RE = re.compile(r"/\.well-known/(carddav|caldav)/?$")
-
 
 class HTTPServer(wsgiref.simple_server.WSGIServer):
     """HTTP server."""
@@ -293,23 +291,9 @@ class Application:
             user = environ.get("REMOTE_USER")
             password = None
 
-        well_known = WELL_KNOWN_RE.match(path)
-        if well_known:
-            redirect = self.configuration.get(
-                "well-known", well_known.group(1))
-            try:
-                redirect = redirect % ({"user": user} if user else {})
-            except KeyError:
-                status = client.UNAUTHORIZED
-                realm = self.configuration.get("server", "realm")
-                headers = {"WWW-Authenticate": "Basic realm=\"%s\"" % realm}
-                self.logger.info(
-                    "Refused /.well-known/ redirection to anonymous user")
-            else:
-                status = client.SEE_OTHER
-                self.logger.info("/.well-known/ redirection to: %s" % redirect)
-                headers = {"Location": redirect}
-            return response(status, headers)
+        # If /.well-known is not available, clients query /
+        if path == "/.well-known" or path.startswith("/.well-known/"):
+            return response(client.NOT_FOUND, {})
 
         is_authenticated = self.is_authenticated(user, password)
         is_valid_user = is_authenticated or not user
diff --git a/radicale/config.py b/radicale/config.py
index 2b58d3f..980cf78 100644
--- a/radicale/config.py
+++ b/radicale/config.py
@@ -44,9 +44,6 @@ INITIAL_CONFIG = {
         "base_prefix": "/",
         "can_skip_base_prefix": "False",
         "realm": "Radicale - Password Required"},
-    "well-known": {
-         "caldav": "/",
-         "carddav": "/"},
     "encoding": {
         "request": "utf-8",
         "stock": "utf-8"},