WebDAV: adjust 401-mask for GETs (#136)

some clients, including KDE Dolphin (kioworker/6.10) keeps sending requests without the basic-auth header, expecting the server to respond with a 401 before it does most clients only do this for the initial request, which is usually a PROPFIND, which makes this nice and simple -- but turns out we need to consider this for GET as well... this is tricky because a graphical webbrowser must never receive a 401 lest it becomes near-impossible to deauth, and that's exactly what Dolphin pretends to be in its UA man （　´_ゝ`） note: `KIO/` hits konqueror so don't
2025-08-17 00:52:16 -06:00 · 2025-02-11 23:32:44 +00:00 · 2025-02-11 23:32:44 +00:00 · 9d76902710
parent 62ee7f6980
commit 9d76902710
3 changed files with 8 additions and 4 deletions
--- a/copyparty/main.py
+++ b/copyparty/main.py
@ -1183,6 +1183,7 @@ def add_webdav(ap):
    ap2.add_argument("--dav-mac", action="store_true", help="disable apple-garbage filter -- allow macos to create junk files (._* and .DS_Store, .Spotlight-*, .fseventsd, .Trashes, .AppleDouble, __MACOS)")
    ap2.add_argument("--dav-rt", action="store_true", help="show symlink-destination's lastmodified instead of the link itself; always enabled for recursive listings (volflag=davrt)")
    ap2.add_argument("--dav-auth", action="store_true", help="force auth for all folders (required by davfs2 when only some folders are world-readable) (volflag=davauth)")
+    ap2.add_argument("--dav-ua1", metavar="PTN", type=u, default=r" kioworker/", help="regex of tricky user-agents which expect 401 from GET requests; disable with [\033[32mno\033[0m] or blank")


 def add_tftp(ap):
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@ -1794,7 +1794,7 @@ class HttpCli(object):
    def handle_cpmv(self) -> bool:
        dst = self.headers["destination"]

-        # dolphin (KIO/6.10) "webdav://127.0.0.1:3923/a/b.txt"
+        # dolphin (kioworker/6.10) "webdav://127.0.0.1:3923/a/b.txt"
        dst = re.sub("^[a-zA-Z]+://[^/]+", "", dst).lstrip()

        if self.is_vproxied and dst.startswith(self.args.SRS):
@ -4836,9 +4836,12 @@ class HttpCli(object):
        # that the client is not a graphical browser
        if (
            rc == 403
-            and not self.pw
-            and not self.ua.startswith("Mozilla/")
+            and self.uname == "*"
            and "sec-fetch-site" not in self.headers
+            and (
+                not self.ua.startswith("Mozilla/")
+                or (self.args.dav_ua1 and self.args.dav_ua1.search(self.ua))
+            )
        ):
            rc = 401
            self.out_headers["WWW-Authenticate"] = 'Basic realm="a"'
--- a/copyparty/svchub.py
+++ b/copyparty/svchub.py
@ -769,7 +769,7 @@ class SvcHub(object):
                vs = os.path.expandvars(os.path.expanduser(vs))
                setattr(al, k, vs)

-        for k in "sus_urls nonsus_urls".split(" "):
+        for k in "dav_ua1 sus_urls nonsus_urls".split(" "):
            vs = getattr(al, k)
            if not vs or vs == "no":
                setattr(al, k, None)