mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-18 09:22:31 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

correct 401/403 usage for webdav

Browse source
This commit is contained in:
ed 2022-10-18 20:29:06 +02:00
parent 8510804e57
commit fe57321853
4 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -719,6 +719,11 @@ on windows xp/7, connect using the explorer UI:
on windows 7/8/10, disable wpad for performance: on windows 7/8/10, disable wpad for performance:
* control panel -> [network and internet] -> [internet options] -> [connections] tab -> [lan settings] -> automatically detect settings: Nope * control panel -> [network and internet] -> [internet options] -> [connections] tab -> [lan settings] -> automatically detect settings: Nope
known issues:
* winxp cannot show unicode characters outside of *some range*
* latin-1 is fine, hiragana is not (not even as shift-jis on japanese xp)
* win7 cannot access servers which require authentication unless you use https or [enable basic authentication](./contrib/webdav-basicauth.reg) for http
## file indexing ## file indexing

3
contrib/README.md
View file

@ -29,6 +29,9 @@ however if your copyparty is behind a reverse-proxy, you may want to use [`share
* disables thumbnails and folder-type detection in windows explorer * disables thumbnails and folder-type detection in windows explorer
* makes it way faster (especially for slow/networked locations (such as copyparty-fuse)) * makes it way faster (especially for slow/networked locations (such as copyparty-fuse))
### [`webdav-basicauth.reg`](webdav-basicauth.reg)
* enables webdav basic-auth over plaintext http
### [`cfssl.sh`](cfssl.sh) ### [`cfssl.sh`](cfssl.sh)
* creates CA and server certificates using cfssl * creates CA and server certificates using cfssl
* give a 3rd argument to install it to your copyparty config * give a 3rd argument to install it to your copyparty config

3
copyparty/authsrv.py
View file

@ -411,6 +411,7 @@ class VFS(object):
will_move: bool = False, will_move: bool = False,
will_del: bool = False, will_del: bool = False,
will_get: bool = False, will_get: bool = False,
err=403,
) -> tuple["VFS", str]: ) -> tuple["VFS", str]:
"""returns [vfsnode,fs_remainder] if user has the requested permissions""" """returns [vfsnode,fs_remainder] if user has the requested permissions"""
if ANYWIN: if ANYWIN:
@ -432,7 +433,7 @@ class VFS(object):
]: ]:
if req and (uname not in d and "*" not in d) and uname != LEELOO_DALLAS: if req and (uname not in d and "*" not in d) and uname != LEELOO_DALLAS:
t = "you don't have {}-access for this location" t = "you don't have {}-access for this location"
raise Pebkac(403, t.format(msg)) raise Pebkac(err, t.format(msg))
return vn, rem return vn, rem

6
copyparty/httpcli.py
View file

@ -671,7 +671,7 @@ class HttpCli(object):
if not self.can_read and not self.can_write and not self.can_get: if not self.can_read and not self.can_write and not self.can_get:
if self.vpath: if self.vpath:
self.log("inaccessible: [{}]".format(self.vpath)) self.log("inaccessible: [{}]".format(self.vpath))
return self.tx_404(True) raise Pebkac(401, "authenticate")
self.uparam["h"] = "" self.uparam["h"] = ""
@ -731,7 +731,7 @@ class HttpCli(object):
] ]
props = set(props_lst) props = set(props_lst)
vn, rem = self.asrv.vfs.get(self.vpath, self.uname, True, False) vn, rem = self.asrv.vfs.get(self.vpath, self.uname, True, False, err=401)
depth = self.headers.get("depth", "infinity").lower() depth = self.headers.get("depth", "infinity").lower()
if depth == "infinity": if depth == "infinity":
@ -2502,7 +2502,7 @@ class HttpCli(object):
def tx_ups(self) -> bool: def tx_ups(self) -> bool:
if not self.args.unpost: if not self.args.unpost:
raise Pebkac(400, "the unpost feature is disabled in server config") raise Pebkac(403, "the unpost feature is disabled in server config")
idx = self.conn.get_u2idx() idx = self.conn.get_u2idx()
if not hasattr(idx, "p_end"): if not hasattr(idx, "p_end"):