Hi team — first, thanks for the work on qfieldcloud/filestorage . The pluggable storage architecture is genuinely nice to read. This is not a request to change the project's stance that S3 is the only production-supported object store. I have read the docs, the CI matrix, and the in-code comments, and I understand and agree with that position for the general user base. What I would like to propose is a small hardening patch for QfcWebDavStorage that makes it more robust as a non-default storage option for self-hosters, without making any new claims about its support level. (A) Use case We have a use case where keeping data inside an existing on-premise Nextcloud instance is a hard requirement. Pointing QFieldCloud at a managed Nextcloud instead of operating another storage service highlights a practical scenario where the WebDAV backend is useful for self-hosted deployments. (B) Concrete bug we hit on first attempt Uploading any file to a project with file_storage set to QfcWebDavStorage backed by Nextcloud ( https://<nextcloud>/remote.php/dav/files/<user>/<basedir>/ ) fails with a 500 error. The crash happens inside make_collection. It calls: resp.raise_for_status() and raises a: 405 Client Error: Method Not Allowed make_collection() uses HEAD to check whether a parent collection exists and treats not resp.ok as “collection absent”. Many WebDAV servers including Nextcloud and SabreDAV return 405 Method Not Allowed for HEAD on collections, so using HEAD as an existence check is unreliable. The client interprets 405 as “collection missing”, sends MKCOL , the collection actually exists, the server again returns 405, and raise_for_status() surfaces this as a 500 in the QField client. The same code path is also racy because two parallel uploads can both observe “absent”, both send MKCOL , and one fails with 405 or 409. This behavior is not visible in CI because the development stack uses bytemark/webdav:2.4 (Apache mod_dav), which returns 200 for HEAD on collections. Modern WebDAV servers such as Nextcloud and ownCloud Infinite Scale do not, so passing CI does not fully reflect real-world deployments. (C) Proposed fix The fix is small: send MKCOL unconditionally and treat 201/405/409 as success. 405 is the RFC-defined response for "URL already mapped"; 409 is accepted defensively because some servers use it loosely for the same case. One fewer round-trip per directory level and race-condition-free. (D) Other smaller issues found during testing Add retry support for WebDAV requests. The current implementation uses a plain requests.Session without retry handling. The proposed change introduces retry handling via urllib3.Retry to improve resilience against transient server errors such as 503. Some WebDAV methods such as MKCOL , PROPFIND , and PUT require explicit inclusion in allowed_methods to be retried. A transient 503 can still abort the upload depending on configuration. Add request timeout handling. Currently requests do not consistently apply method-specific timeouts, which can cause long-running operations such as PUT uploads to block a worker if the server becomes unresponsive. The proposed change introduces a central request wrapper with method-aware timeouts, for example longer timeout for PUT. exists() does not distinguish between missing resources and server errors. The current implementation previously treated all HTTP errors as not exists, which could silently mask server-side failures such as 401, 403, or 5xx. The proposed change improves this by returning true for 2xx responses, false for 404 and 410, and raising an error for all other cases to avoid silent data corruption in Storage.save() . delete() previously swallowed all HTTP errors. The previous implementation treated all HTTP errors as not exists, which could silently mask server-side failures such as 401, 403, or 5xx. The proposed change makes delete properly idempotent by treating 404 and 410 as success and raising all other errors. (E) What I would like to contribute A PR that modifies QfcWebDavStorage only, with no signature changes and no new dependencies, fixes the Nextcloud 500 crash, adds the four hardening improvements above, adds unit tests using mocks, and leaves S3, migrations, CI matrix, and documentation unchanged. Thanks for considering. Toni
