diff --git a/auth.py b/auth.py
index 13f89c40f..e137eeab6 100644
--- a/auth.py
+++ b/auth.py
@@ -94,16 +94,25 @@ def authorize_basic(base_dir: str, path: str, auth_header: str,
                   'contain a space character')
         return False
     if not has_users_path(path):
-        if debug:
-            print('DEBUG: basic auth - ' +
-                  'path for Authorization does not contain a user')
-        return False
-    path_users_section = path.split('/users/')[1]
-    if '/' not in path_users_section:
-        if debug:
-            print('DEBUG: basic auth - this is not a users endpoint')
-        return False
-    nickname_from_path = path_users_section.split('/')[0]
+        if not path.startswith('/calendars/'):
+            if debug:
+                print('DEBUG: basic auth - ' +
+                      'path for Authorization does not contain a user')
+            return False
+    if path.startswith('/calendars/'):
+        path_users_section = path.split('/calendars/')[1]
+        nickname_from_path = path_users_section
+        if '/' in nickname_from_path:
+            nickname_from_path = nickname_from_path.split('/')[0]
+        if '?' in nickname_from_path:
+            nickname_from_path = nickname_from_path.split('?')[0]
+    else:
+        path_users_section = path.split('/users/')[1]
+        if '/' not in path_users_section:
+            if debug:
+                print('DEBUG: basic auth - this is not a users endpoint')
+            return False
+        nickname_from_path = path_users_section.split('/')[0]
     if is_system_account(nickname_from_path):
         print('basic auth - attempted login using system account ' +
               nickname_from_path + ' in path')
diff --git a/daemon.py b/daemon.py
index ed2bb9154..bcf65847b 100644
--- a/daemon.py
+++ b/daemon.py
@@ -16832,13 +16832,15 @@ class PubServer(BaseHTTPRequestHandler):
                             '_GET', 'end benchmarks',
                             self.server.debug)
 
-    def _dav_handler(self, endpoint_type: str):
+    def _dav_handler(self, endpoint_type: str, debug: bool):
         calling_domain = self.server.domain_full
         if not self._has_accept(calling_domain):
             self._400()
             return
         accept_str = self.headers['Accept']
         if 'application/xml' not in accept_str:
+            if debug:
+                print(endpoint_type.upper() + ' is not of xml type')
             self._400()
             return
         if not self.headers.get('Content-length'):
@@ -16855,6 +16857,8 @@ class PubServer(BaseHTTPRequestHandler):
             print(endpoint_type.upper() + ' without /calendars ' + self.path)
             self._404()
             return
+        if debug:
+            print(endpoint_type.upper() + ' checking authorization')
         if not self._is_authorized():
             print(endpoint_type.upper() + ' not authorized')
             self._403()
@@ -16955,16 +16959,16 @@ class PubServer(BaseHTTPRequestHandler):
         self._200()
 
     def do_PROPFIND(self):
-        self._dav_handler('propfind')
+        self._dav_handler('propfind', self.server.debug)
 
     def do_PUT(self):
-        self._dav_handler('put')
+        self._dav_handler('put', self.server.debug)
 
     def do_REPORT(self):
-        self._dav_handler('report')
+        self._dav_handler('report', self.server.debug)
 
     def do_DELETE(self):
-        self._dav_handler('delete')
+        self._dav_handler('delete', self.server.debug)
 
     def do_HEAD(self):
         calling_domain = self.server.domain_full
diff --git a/happening.py b/happening.py
index e484ff110..a3d536637 100644
--- a/happening.py
+++ b/happening.py
@@ -975,7 +975,7 @@ def dav_put_response(base_dir: str, nickname: str, domain: str,
        'END:VEVENT' not in xml_str:
         return None
 
-    etag = md5(xml_str).hexdigest()
+    etag = md5(xml_str.encode('utf-8')).hexdigest()
     if recent_dav_etags.get(nickname):
         if etag in recent_dav_etags[nickname]:
             return 'Not modified'
@@ -1091,7 +1091,8 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
                     str(search_date.month) + '?day=' + str(search_date.day)
                 if ical_events:
                     if 'VEVENT' in ical_events:
-                        etag = md5(ical_events).hexdigest()
+                        ical_events_encoded = ical_events.encode('utf-8')
+                        etag = md5(ical_events_encoded).hexdigest()
                         responses = \
                             '    <d:response>\n' + \
                             '        <d:href>' + events_href + \
@@ -1124,7 +1125,8 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
                     str(query_start_month)
                 if ical_events:
                     if 'VEVENT' in ical_events:
-                        etag = md5(ical_events).hexdigest()
+                        ical_events_encoded = ical_events.encode('utf-8')
+                        etag = md5(ical_events_encoded).hexdigest()
                         responses = \
                             '    <d:response>\n' + \
                             '        <d:href>' + events_href + \
@@ -1172,6 +1174,8 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
                     if ical_events:
                         if 'VEVENT' in ical_events:
                             all_events += ical_events
+                            ical_events_encoded = ical_events.encode('utf-8')
+                            local_etag = md5(ical_events_encoded).hexdigest()
                             responses += \
                                 '    <d:response>\n' + \
                                 '        <d:href>' + events_href + \
@@ -1179,7 +1183,7 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
                                 '        <d:propstat>\n' + \
                                 '            <d:prop>\n' + \
                                 '                <d:getetag>"' + \
-                                etag + '"</d:getetag>\n' + \
+                                local_etag + '"</d:getetag>\n' + \
                                 '                <c:calendar-data>' + \
                                 ical_events + \
                                 '                </c:calendar-data>\n' + \
@@ -1188,7 +1192,8 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
                                 '</d:status>\n' + \
                                 '        </d:propstat>\n' + \
                                 '    </d:response>\n'
-            etag = md5(all_events).hexdigest()
+            ical_events_encoded = all_events.encode('utf-8')
+            etag = md5(ical_events_encoded).hexdigest()
 
     # today's calendar events
     if not ical_events:
@@ -1204,7 +1209,8 @@ def dav_report_response(base_dir: str, nickname: str, domain: str,
             str(search_date.month) + '?day=' + str(search_date.day)
         if ical_events:
             if 'VEVENT' in ical_events:
-                etag = md5(ical_events).hexdigest()
+                ical_events_encoded = ical_events.encode('utf-8')
+                etag = md5(ical_events_encoded).hexdigest()
                 responses = \
                     '    <d:response>\n' + \
                     '        <d:href>' + events_href + '</d:href>\n' + \
diff --git a/session.py b/session.py
index 82b06031d..0a2fc4247 100644
--- a/session.py
+++ b/session.py
@@ -689,6 +689,8 @@ def get_method(method_name: str, xml_str: str,
         headers = {
             'Accept': 'application/xml'
         }
+    else:
+        headers['Accept'] = 'application/xml'
     session_params = {}
     session_headers = {}
     if headers:
diff --git a/tests.py b/tests.py
index 6b95c7b0e..51a04b075 100644
--- a/tests.py
+++ b/tests.py
@@ -176,6 +176,8 @@ from shares import send_share_via_server
 from shares import get_shared_items_catalog_via_server
 from blocking import load_cw_lists
 from blocking import add_cw_from_lists
+from happening import dav_month_via_server
+
 
 TEST_SERVER_GROUP_RUNNING = False
 TEST_SERVER_ALICE_RUNNING = False
@@ -3172,6 +3174,22 @@ def test_client_to_server(base_dir: str):
     show_test_boxes('bob', bob_inbox_path, bob_outbox_path)
     assert len([name for name in os.listdir(alice_inbox_path)
                 if os.path.isfile(os.path.join(alice_inbox_path, name))]) == 0
+
+    print('\n\nEVENT: Bob checks his calendar via caldav')
+    if os.path.isfile(bob_dir + '/basic_auth_fail.txt'):
+        os.remove(bob_dir + '/basic_auth_fail.txt')
+    result = \
+        dav_month_via_server(session_bob, http_prefix,
+                             'bob', bob_domain, bob_port, True,
+                             test_date.year, test_date.month,
+                             'bobpass')
+    print('response: ' + str(result))
+    if os.path.isfile(bob_dir + '/basic_auth_fail.txt'):
+        with open(bob_dir + '/basic_auth_fail.txt', 'r') as fp_fail:
+            print(fp_fail.read())
+    assert 'VCALENDAR' in str(result)
+    assert 'VEVENT' in str(result)
+
     print('\n\nEVENT: Bob likes the post')
     send_like_via_server(bob_dir, session_bob,
                          'bob', 'bobpass',