diff --git a/copyparty/__main__.py b/copyparty/__main__.py
index 44e5f729..76c991fa 100644
--- a/copyparty/__main__.py
+++ b/copyparty/__main__.py
@@ -1439,7 +1439,8 @@ def add_webdav(ap):
     ap2.add_argument("--dav-mac", action="store_true", help="disable apple-garbage filter -- allow macos to create junk files (._* and .DS_Store, .Spotlight-*, .fseventsd, .Trashes, .AppleDouble, __MACOS)")
     ap2.add_argument("--dav-rt", action="store_true", help="show symlink-destination's lastmodified instead of the link itself; always enabled for recursive listings (volflag=davrt)")
     ap2.add_argument("--dav-auth", action="store_true", help="force auth for all folders (required by davfs2 when only some folders are world-readable) (volflag=davauth)")
-    ap2.add_argument("--dav-ua1", metavar="PTN", type=u, default=r" kioworker/", help="regex of tricky user-agents which expect 401 from GET requests; disable with [\033[32mno\033[0m] or blank")
+    ap2.add_argument("--dav-ua1", metavar="PTN", type=u, default=r" kioworker/", help="regex of user-agents which ARE webdav-clients, and expect 401 from GET requests; disable with [\033[32mno\033[0m] or blank")
+    ap2.add_argument("--ua-nodav", metavar="PTN", type=u, default=r"^(Mozilla/|NetworkingExtension/|com\.apple\.WebKit)", help="regex of user-agents which are NOT webdav-clients")
 
 
 def add_tftp(ap):
diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index f7261704..6c2c646d 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -5466,7 +5466,7 @@ class HttpCli(object):
     def setck(self) -> bool:
         k, v = self.uparam["setck"].split("=", 1)
         t = 0 if v in ("", "x") else 86400 * 299
-        ck = gencookie(k, v, self.args.R, self.args.cookie_lax, False, t)
+        ck = gencookie(k, v, self.args.R, True, False, t)
         self.out_headerlist.append(("Set-Cookie", ck))
         if "cc" in self.ouparam:
             self.redirect("", "?h#cc")
@@ -5478,7 +5478,7 @@ class HttpCli(object):
         for k in ALL_COOKIES:
             if k not in self.cookies:
                 continue
-            cookie = gencookie(k, "x", self.args.R, self.args.cookie_lax, False)
+            cookie = gencookie(k, "x", self.args.R, True, False)
             self.out_headerlist.append(("Set-Cookie", cookie))
 
         self.redirect("", "?h#cc")
@@ -5512,8 +5512,9 @@ class HttpCli(object):
             rc == 403
             and self.uname == "*"
             and "sec-fetch-site" not in self.headers
+            and self.cookies.get("js") != "y"
             and (
-                not self.ua.startswith("Mozilla/")
+                not self.args.ua_nodav.search(self.ua)
                 or (self.args.dav_ua1 and self.args.dav_ua1.search(self.ua))
             )
         ):
diff --git a/copyparty/svchub.py b/copyparty/svchub.py
index 11b52a63..caa3ec9f 100644
--- a/copyparty/svchub.py
+++ b/copyparty/svchub.py
@@ -1088,7 +1088,7 @@ class SvcHub(object):
             vsa = [x.lower() for x in vsa if x]
             setattr(al, k + "_set", set(vsa))
 
-        zs = "dav_ua1 sus_urls nonsus_urls ua_nodoc ua_nozip"
+        zs = "dav_ua1 sus_urls nonsus_urls ua_nodav ua_nodoc ua_nozip"
         for k in zs.split(" "):
             vs = getattr(al, k)
             if not vs or vs == "no":