From 9e980bb55203c2a73a0a9efc7792c7e0fd379ab2 Mon Sep 17 00:00:00 2001 From: ed Date: Thu, 7 Aug 2025 17:57:10 +0000 Subject: [PATCH] try to detect proxies with misbehaving caches (#488) --- copyparty/__main__.py | 1 + copyparty/httpcli.py | 6 ++++++ copyparty/web/browser.js | 4 ++++ tests/util.py | 4 ++-- 4 files changed, 13 insertions(+), 2 deletions(-) diff --git a/copyparty/__main__.py b/copyparty/__main__.py index 81476e7f..0715af28 100644 --- a/copyparty/__main__.py +++ b/copyparty/__main__.py @@ -1300,6 +1300,7 @@ def add_yolo(ap): ap2 = ap.add_argument_group("yolo options") ap2.add_argument("--allow-csrf", action="store_true", help="disable csrf protections; let other domains/sites impersonate you through cross-site requests") ap2.add_argument("--cookie-lax", action="store_true", help="allow cookies from other domains (if you follow a link from another website into your server, you will arrive logged-in); this reduces protection against CSRF") + ap2.add_argument("--no-fnugg", action="store_true", help="disable the smoketest for caching-related issues in the web-UI") ap2.add_argument("--getmod", action="store_true", help="permit ?move=[...] and ?delete as GET") ap2.add_argument("--wo-up-readme", action="store_true", help="allow users with write-only access to upload logues and readmes without adding the _wo_ filename prefix (volflag=wo_up_readme)") diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py index 2986275f..3da299c7 100644 --- a/copyparty/httpcli.py +++ b/copyparty/httpcli.py @@ -6025,6 +6025,12 @@ class HttpCli(object): else: [x.pop(k) for k in ["name", "dt"] for y in [dirs, files] for x in y] + # nonce (tlnote: norwegian for flake as in snowflake) + if self.args.no_fnugg: + ls["fnugg"] = "nei" + elif "fnugg" in self.headers: + ls["fnugg"] = self.headers["fnugg"] + ret = json.dumps(ls) mime = "application/json" diff --git a/copyparty/web/browser.js b/copyparty/web/browser.js index b84c39ee..0563d8ee 100644 --- a/copyparty/web/browser.js +++ b/copyparty/web/browser.js @@ -13204,6 +13204,7 @@ var treectl = (function () { xhr.hydrate = hydrate; xhr.ts = Date.now(); xhr.open('GET', xhr.top + '?ls' + uq, true); + xhr.setRequestHeader('Fnugg', '' + xhr.ts); xhr.onload = xhr.onerror = recvls; xhr.send(); @@ -13269,6 +13270,9 @@ var treectl = (function () { if (r.chk_index_html(this.top, res)) return; + if (this.ts != res.fnugg && res.fnugg != 'nei' && sread('no_fnugg') !== '1') + toast.warn(60, "WARNING: A proxy/CDN between your webbrowser and the server is misbehaving, and caching responses it shouldn't. As a result, you are now seeing stale directory listings. There will be many issues.\n\nIf you need to ignore this and stop these messages, you can set the global-option 'no-fnugg' on the server, or click π and run this: STG.no_fnugg=1"); + for (var a = 0; a < res.files.length; a++) if (res.files[a].tags === undefined) res.files[a].tags = {}; diff --git a/tests/util.py b/tests/util.py index ea9bfeb9..7b4ad2aa 100644 --- a/tests/util.py +++ b/tests/util.py @@ -143,7 +143,7 @@ class Cfg(Namespace): def __init__(self, a=None, v=None, c=None, **ka0): ka = {} - ex = "allow_flac allow_wav chpw cookie_lax daw dav_auth dav_mac dav_rt e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp early_ban ed emp exp force_js getmod grid gsel hardlink hardlink_only ih ihead localtime magic nid nih no_acode no_athumb no_bauth no_clone no_cp no_dav no_db_ip no_del no_dirsz no_dupe no_lifetime no_logues no_mv no_pipe no_poll no_readme no_robots no_sb_md no_sb_lg no_scandir no_tail no_tarcmp no_thumb no_vthumb no_zip nrand nsort nw og og_no_head og_s_title ohead q rand re_dirsz reflink rmagic rss smb srch_dbg srch_excl stats uqe vague_403 vc ver wo_up_readme write_uplog xdev xlink xvol zipmaxu zs" + ex = "allow_flac allow_wav chpw cookie_lax daw dav_auth dav_mac dav_rt e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp early_ban ed emp exp force_js getmod grid gsel hardlink hardlink_only ih ihead localtime magic nid nih no_acode no_athumb no_bauth no_clone no_cp no_dav no_db_ip no_del no_dirsz no_dupe no_fnugg no_lifetime no_logues no_mv no_pipe no_poll no_readme no_robots no_sb_md no_sb_lg no_scandir no_tail no_tarcmp no_thumb no_vthumb no_zip nrand nsort nw og og_no_head og_s_title ohead q rand re_dirsz reflink rmagic rss smb srch_dbg srch_excl stats uqe vague_403 vc ver wo_up_readme write_uplog xdev xlink xvol zipmaxu zs" ka.update(**{k: False for k in ex.split()}) ex = "dav_inf dedup dotpart dotsrch hook_v no_dhash no_fastboot no_fpool no_htp no_rescan no_sendfile no_ses no_snap no_up_list no_voldump re_dhash see_dots plain_ip" @@ -161,7 +161,7 @@ class Cfg(Namespace): ex = "au_vol dl_list mtab_age reg_cap s_thead s_tbody tail_tmax tail_who th_convt ups_who zip_who" ka.update(**{k: 9 for k in ex.split()}) - ex = "db_act forget_ip idp_cookie idp_store k304 loris no304 nosubtle re_maxage rproxy rsp_jtr rsp_slp s_wr_slp snap_wri theme themes turbo u2ow zipmaxn zipmaxs" + ex = "ctl_re db_act forget_ip idp_cookie idp_store k304 loris no304 nosubtle re_maxage rproxy rsp_jtr rsp_slp s_wr_slp snap_wri theme themes turbo u2ow zipmaxn zipmaxs" ka.update(**{k: 0 for k in ex.split()}) ex = "ah_alg bname chmod_f chpw_db doctitle df exit favico idp_h_usr ipa html_head lg_sba lg_sbf log_fk md_sba md_sbf name og_desc og_site og_th og_title og_title_a og_title_v og_title_i shr tcolor textfiles unlist vname xff_src zipmaxt R RS SR"