diff --git a/copyparty/__main__.py b/copyparty/__main__.py index b7bd8e8c..5205b97f 100755 --- a/copyparty/__main__.py +++ b/copyparty/__main__.py @@ -908,7 +908,7 @@ def add_network(ap): ap2.add_argument("--rproxy", metavar="DEPTH", type=int, default=1, help="which ip to associate clients with; [\033[32m0\033[0m]=tcp, [\033[32m1\033[0m]=origin (first x-fwd, unsafe), [\033[32m2\033[0m]=outermost-proxy, [\033[32m3\033[0m]=second-proxy, [\033[32m-1\033[0m]=closest-proxy") ap2.add_argument("--xff-hdr", metavar="NAME", type=u, default="x-forwarded-for", help="if reverse-proxied, which http header to read the client's real ip from") ap2.add_argument("--xff-src", metavar="CIDR", type=u, default="127.0.0.0/8, ::1/128", help="comma-separated list of trusted reverse-proxy CIDRs; only accept the real-ip header (\033[33m--xff-hdr\033[0m) and IdP headers if the incoming connection is from an IP within either of these subnets. Specify [\033[32mlan\033[0m] to allow all LAN / private / non-internet IPs. Can be disabled with [\033[32many\033[0m] if you are behind cloudflare (or similar) and are using \033[32m--xff-hdr=cf-connecting-ip\033[0m (or similar)") - ap2.add_argument("--ipa", metavar="CIDR", type=u, default="", help="only accept connections from IP-addresses inside \033[33mCIDR\033[0m; examples: [\033[32mlan\033[0m], [\033[32m10.89.0.0/16, 192.168.33.0/24\033[0m]") + ap2.add_argument("--ipa", metavar="CIDR", type=u, default="", help="only accept connections from IP-addresses inside \033[33mCIDR\033[0m; examples: [\033[32mlan\033[0m] or [\033[32m10.89.0.0/16, 192.168.33.0/24\033[0m]") ap2.add_argument("--rp-loc", metavar="PATH", type=u, default="", help="if reverse-proxying on a location instead of a dedicated domain/subdomain, provide the base location here; example: [\033[32m/foo/bar\033[0m]") if ANYWIN: ap2.add_argument("--reuseaddr", action="store_true", help="set reuseaddr on listening sockets on windows; allows rapid restart of copyparty at the expense of being able to accidentally start multiple instances") diff --git a/copyparty/authsrv.py b/copyparty/authsrv.py index f8a953e6..777d1892 100644 --- a/copyparty/authsrv.py +++ b/copyparty/authsrv.py @@ -2006,7 +2006,13 @@ class AuthSrv(object): for idp_vp in self.idp_vols: parent_vp = vsplit(idp_vp)[0] vn, _ = vfs.get(parent_vp, "*", False, False) - zs = "READABLE" if "*" in vn.axs.uread else "WRITABLE" if "*" in vn.axs.uwrite else "" + zs = ( + "READABLE" + if "*" in vn.axs.uread + else "WRITABLE" + if "*" in vn.axs.uwrite + else "" + ) if zs: t = '\nWARNING: Volume "/%s" appears below "/%s" and would be WORLD-%s' idp_err += t % (idp_vp, vn.vpath, zs) diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py index 48a41cb8..4ba93124 100644 --- a/copyparty/httpcli.py +++ b/copyparty/httpcli.py @@ -323,7 +323,9 @@ class HttpCli(object): if "." in pip else ":".join(pip.split(":")[:4]) + ":" ) + "0.0/16" - zs2 = ' or "--xff-src=lan"' if self.conn.hsrv.xff_lan.map(pip) else "" + zs2 = ( + ' or "--xff-src=lan"' if self.conn.hsrv.xff_lan.map(pip) else "" + ) self.log(t % (self.args.xff_hdr, pip, cli_ip, zso, zs, zs2), 3) else: self.ip = cli_ip @@ -493,7 +495,11 @@ class HttpCli(object): if "." in pip else ":".join(pip.split(":")[:4]) + ":" ) + "0.0/16" - zs2 = ' or "--xff-src=lan"' if self.conn.hsrv.xff_lan.map(pip) else "" + zs2 = ( + ' or "--xff-src=lan"' + if self.conn.hsrv.xff_lan.map(pip) + else "" + ) self.log(t % (pip, idp_usr, idp_grp, zs, zs2), 3) idp_usr = "*"