Client integration with SharePoint 2010 gotcha

Under the hood client integration in SharePoint uses WebDAV.   SharePoint has its own implementation of the WebDAV server (bypassing the IIS ability).   We had a problem in one of our environments where when a user would open a file in SharePoint it would always display as read-only in the office client application.  In an "identical" environment that I had setup for testing the same process worked fine.

To troubleshoot I first opened up Fiddler to see what was happening under the hood.   When word (or any office app) requests the file from SharePoint it first sends the OPTIONS verb to the folder in which the file lives.  The request would come back from SharePoint as a 404 (even though the folder was there) with an interesting HTTP header.

X-MS-InvokeApp: 1; RequireReadOnly

When I did the same request on the environment that worked I would get a 200 with the expected list of valid operations:

Allow: GET, POST, OPTIONS, HEAD, MKCOL, PUT, PROPFIND, PROPPATCH, DELETE, MOVE, COPY, GETLIB, LOCK, UNLOCK

Digging further I discovered that in our production environment there was an additional entry in the web.config.   This limited the OPTIONS verb.

<system.webServer>

<security>

<requestFiltering allowDoubleEscaping="true">

<verbs allowUnlisted="true">

<add verb="OPTIONS" allowed="false" />

<add verb="PROPFIND" allowed="false" />

</verbs>

<requestLimits maxAllowedContentLength="2147483647" />

</requestFiltering>

</security>

After removing the verbs section everything started working as expected.