chore: release v0.39.0 (#345 )

chore: release v0.39.0
refactor: propfind with auth no need to list all (#344 )
2026-04-09 09:09:03 +03:00 · 2024-01-11 16:50:25 +08:00 · 2024-01-11 08:31:56 +00:00 · 2024-01-11 16:10:10 +08:00 · 2024-01-11 07:04:44 +00:00 · 2024-01-11 14:56:30 +08:00
32 changed files with 3108 additions and 1858 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -9,9 +9,10 @@ about: Create a report to help us improve
 **Log**
-If applicable, add logs to help explain your problem.
+The dufs log is crucial for locating the problem, so please do not omit it.
 **Environment:**
 - Dufs version:
- - Browser/Webdav Info: 
+ - Browser/Webdav info:
- - OS Info: 
+ - OS info:
 - Proxy server:  e.g. nginx, cloudflare
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -29,16 +29,12 @@ jobs:
      RUSTFLAGS: --deny warnings
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Install Rust Toolchain Components
-      uses: actions-rs/toolchain@v1
+      uses: dtolnay/rust-toolchain@stable
      with:
        components: clippy, rustfmt
        override: true
        toolchain: stable
-    - uses: Swatinem/rust-cache@v1
+    - uses: Swatinem/rust-cache@v2
    - name: Test
      run: cargo test --all
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -27,7 +27,7 @@ jobs:
        - target: aarch64-pc-windows-msvc
          os: windows-latest
          use-cross: true
-          cargo-flags: "--no-default-features"
+          cargo-flags: ""
        - target: x86_64-apple-darwin
          os: macos-latest
          cargo-flags: ""
@@ -71,30 +71,42 @@ jobs:
          use-cross: true
          cargo-flags: "--no-default-features"
    runs-on: ${{matrix.os}}
    env:
      BUILD_CMD: cargo
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: Check Tag
      id: check-tag
      shell: bash
      run: |
-        tag=${GITHUB_REF##*/}
+        ver=${GITHUB_REF##*/}
-        echo "::set-output name=version::$tag"
+        echo "version=$ver" >> $GITHUB_OUTPUT
-        if [[ "$tag" =~ [0-9]+.[0-9]+.[0-9]+$ ]]; then
+        if [[ "$ver" =~ [0-9]+.[0-9]+.[0-9]+$ ]]; then
-          echo "::set-output name=rc::false"
+          echo "rc=false" >> $GITHUB_OUTPUT
        else
-          echo "::set-output name=rc::true"
+          echo "rc=true" >> $GITHUB_OUTPUT
        fi
    - name: Install Rust Toolchain Components
-      uses: actions-rs/toolchain@v1
+      uses: dtolnay/rust-toolchain@stable
      with:
-        override: true
+        targets: ${{ matrix.target }}
-        target: ${{ matrix.target }}
+        #  Since rust 1.72, mips platforms are tier 3
-        toolchain: stable
+        toolchain: 1.71
-        profile: minimal # minimal component installation (ie, no documentation)
+
    - name: Install cross
      if: matrix.use-cross
      uses: taiki-e/install-action@v2
      with:
        tool: cross
    - name: Overwrite build command env variable
      if: matrix.use-cross
      shell: bash
      run: echo "BUILD_CMD=cross" >> $GITHUB_ENV
    - name: Show Version Information (Rust, cargo, GCC)
      shell: bash
@@ -107,11 +119,8 @@ jobs:
        rustc -V
    - name: Build
-      uses: actions-rs/cargo@v1
+      shell: bash
-      with:
+      run: $BUILD_CMD build --locked --release --target=${{ matrix.target }} ${{ matrix.cargo-flags }}
        use-cross: ${{ matrix.use-cross }}
        command: build
        args: --locked --release --target=${{ matrix.target }} ${{ matrix.cargo-flags }}
    - name: Build Archive
      shell: bash
@@ -123,8 +132,7 @@ jobs:
        set -euxo pipefail
        bin=${GITHUB_REPOSITORY##*/}
-        src=`pwd`
+        dist_dir=`pwd`/dist
        dist=$src/dist
        name=$bin-$version-$target
        executable=target/$target/release/$bin
@@ -132,22 +140,22 @@ jobs:
          executable=$executable.exe
        fi
-        mkdir $dist
+        mkdir $dist_dir
-        cp $executable $dist
+        cp $executable $dist_dir
-        cd $dist
+        cd $dist_dir
        if [[ "$RUNNER_OS" == "Windows" ]]; then
-            archive=$dist/$name.zip
+            archive=$dist_dir/$name.zip
            7z a $archive *
-            echo "::set-output name=archive::`pwd -W`/$name.zip"
+            echo "archive=dist/$name.zip" >> $GITHUB_OUTPUT
        else
-            archive=$dist/$name.tar.gz
+            archive=$dist_dir/$name.tar.gz
-            tar czf $archive *
+            tar -czf $archive *
-            echo "::set-output name=archive::$archive"
+            echo "archive=dist/$name.tar.gz" >> $GITHUB_OUTPUT
        fi
    - name: Publish Archive
-      uses: softprops/action-gh-release@v0.1.5
+      uses: softprops/action-gh-release@v1
      if: ${{ startsWith(github.ref, 'refs/tags/') }}
      with:
        draft: false
@@ -163,16 +171,16 @@ jobs:
    needs: release
    steps:
      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
      - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v4
        with:
          build-args: |
            REPO=${{ github.repository }}
@@ -191,13 +199,11 @@ jobs:
    runs-on: ubuntu-latest
    needs: release
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
          toolchain: stable
      - name: Publish
      - uses: dtolnay/rust-toolchain@stable
      - name: Publish
        env:
          CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_API_TOKEN }}
        run: cargo publish
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,114 @@
 All notable changes to this project will be documented in this file.
 ## [0.39.0] - 2024-01-11
 ### Bug Fixes
 - Upload more than 100 files in directory ([#317](https://github.com/sigoden/dufs/issues/317))
 - Auth precedence ([#325](https://github.com/sigoden/dufs/issues/325))
 - Serve files with names containing newline char ([#328](https://github.com/sigoden/dufs/issues/328))
 - Corrupted zip when downloading large folders ([#337](https://github.com/sigoden/dufs/issues/337))
 ### Features
 - Empty search `?q=` list all paths ([#311](https://github.com/sigoden/dufs/issues/311))
 - Add `--compress` option ([#319](https://github.com/sigoden/dufs/issues/319))
 - Upgrade to hyper 1.0 ([#321](https://github.com/sigoden/dufs/issues/321))
 - Auth supports forbidden permissions ([#329](https://github.com/sigoden/dufs/issues/329))
 - Supports resumable uploads ([#343](https://github.com/sigoden/dufs/issues/343))
 ### Refactor
 - Change the format of www-authenticate ([#312](https://github.com/sigoden/dufs/issues/312))
 - Change the value name of `--config` ([#313](https://github.com/sigoden/dufs/issues/313))
 - Optimize http range parsing and handling ([#323](https://github.com/sigoden/dufs/issues/323))
 - Propfind with auth no need to list all ([#344](https://github.com/sigoden/dufs/issues/344))
 ## [0.38.0] - 2023-11-28
 ### Bug Fixes
 - Unable to start if config file omit bind/port fields ([#294](https://github.com/sigoden/dufs/issues/294))
 ### Features
 - Password can contain `:` `@` `|` ([#297](https://github.com/sigoden/dufs/issues/297))
 - Deprecate the use of `|` to separate auth rules ([#298](https://github.com/sigoden/dufs/issues/298))
 - More flexible config values ([#299](https://github.com/sigoden/dufs/issues/299))
 - Ui supports view file ([#301](https://github.com/sigoden/dufs/issues/301))
 ### Refactor
 - Take improvements from the edge browser ([#289](https://github.com/sigoden/dufs/issues/289))
 - Ui change the cursor for upload-btn to a pointer ([#291](https://github.com/sigoden/dufs/issues/291))
 - Ui improve uploading progress ([#296](https://github.com/sigoden/dufs/issues/296))
 ## [0.37.1] - 2023-11-08
 ### Bug Fixes
 - Use DUFS_CONFIG to specify the config file path ([#286](https://github.com/sigoden/dufs/issues/286)
 ## [0.37.0] - 2023-11-08
 ### Bug Fixes
 - Sort path ignore case ([#264](https://github.com/sigoden/dufs/issues/264))
 - Ui show user-name next to the user-icon ([#278](https://github.com/sigoden/dufs/issues/278))
 - Auto delete half-uploaded files ([#280](https://github.com/sigoden/dufs/issues/280))
 ### Features
 - Deprecate `--auth-method`,  as both options are available ([#279](https://github.com/sigoden/dufs/issues/279))
 - Support config file with `--config` option ([#281](https://github.com/sigoden/dufs/issues/281))
 - Support hashed password ([#283](https://github.com/sigoden/dufs/issues/283))
 ### Refactor
 - Remove one clone on `assets_prefix` ([#270](https://github.com/sigoden/dufs/issues/270))
 - Optimize tests
 - Improve code quanity ([#282](https://github.com/sigoden/dufs/issues/282))
 ## [0.36.0] - 2023-08-24
 ### Bug Fixes
 - Ui readonly if no write perm ([#258](https://github.com/sigoden/dufs/issues/258))
 ### Testing
 - Remove dependency on native tls ([#255](https://github.com/sigoden/dufs/issues/255))
 ## [0.35.0] - 2023-08-14
 ### Bug Fixes
 - Search should ignore entry path ([#235](https://github.com/sigoden/dufs/issues/235))
 - Typo __ASSERTS_PREFIX__ ([#252](https://github.com/sigoden/dufs/issues/252))
 ### Features
 - Sort by type first, then sort by name/mtime/size ([#241](https://github.com/sigoden/dufs/issues/241))
 ## [0.34.2] - 2023-06-05
 ### Bug Fixes
 - Ui refresh page after login ([#230](https://github.com/sigoden/dufs/issues/230))
 - Webdav only see public folder even logging in ([#231](https://github.com/sigoden/dufs/issues/231))
 ## [0.34.1] - 2023-06-02
 ### Bug Fixes
 - Auth logic ([#224](https://github.com/sigoden/dufs/issues/224))
 - Allow all cors headers and methods ([#225](https://github.com/sigoden/dufs/issues/225))
 ### Refactor
 - Ui checkAuth ([#226](https://github.com/sigoden/dufs/issues/226))
 ## [0.34.0] - 2023-06-01
 ### Bug Fixes
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "dufs"
-version = "0.34.0"
+version = "0.39.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
 description = "Dufs is a distinctive utility file server"
@@ -13,55 +13,64 @@ keywords = ["static", "file", "server", "webdav", "cli"]
 [dependencies]
 clap = { version = "4", features = ["wrap_help", "env"] }
 clap_complete = "4"
-chrono = "0.4"
+chrono = { version = "0.4", default-features = false, features = ["clock"] }
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
 tokio-util = { version = "0.7",  features = ["io-util", "compat"] }
-hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] }
+hyper = { version = "1.0", features = ["http1", "server"] }
-percent-encoding = "2.1"
+percent-encoding = "2.3"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-futures = "0.3"
+futures-util = { version = "0.3", default-features = false, features = ["alloc"] }
-base64 = "0.21"
+async_zip = { version = "0.0.16", default-features = false, features = ["deflate", "bzip2", "xz", "chrono", "tokio"] }
-async_zip = { version = "0.0.15", default-features = false, features = ["deflate", "chrono", "tokio"] }
+headers = "0.4"
 headers = "0.3"
 mime_guess = "2.0"
-if-addrs = "0.10.1"
+if-addrs = "0.11"
-rustls = { version = "0.21", default-features = false, features = ["tls12"], optional = true }
+rustls-pemfile = { version = "2.0", optional = true }
-rustls-pemfile = { version = "1", optional = true }
+tokio-rustls = { version = "0.25", optional = true }
 tokio-rustls = { version = "0.24", optional = true }
 md5 = "0.7"
 lazy_static = "1.4"
-uuid = { version = "1.1", features = ["v4", "fast-rng"] }
+uuid = { version = "1.4", features = ["v4", "fast-rng"] }
 urlencoding = "2.1"
 xml-rs = "0.8"
 log = "0.4"
 socket2 = "0.5"
 async-stream = "0.3"
 walkdir = "2.3"
-form_urlencoded = "1.0"
+form_urlencoded = "1.2"
 alphanumeric-sort = "1.4"
 content_inspector = "0.2"
 anyhow = "1.0"
 chardetng = "0.1"
-glob = "0.3.1"
+glob = "0.3"
-indexmap = "1.9"
+indexmap = "2.0"
 serde_yaml = "0.9"
 sha-crypt = "0.5"
 base64 = "0.21"
 smart-default = "0.7"
 rustls-pki-types = "1.0"
 hyper-util = { version = "0.1", features = ["server-auto", "tokio"] }
 http-body-util = "0.1"
 bytes = "1.5"
 pin-project-lite = "0.2"
 [features]
 default = ["tls"]
-tls = ["rustls", "rustls-pemfile", "tokio-rustls"]
+tls = ["rustls-pemfile", "tokio-rustls"]
 [dev-dependencies]
 assert_cmd = "2"
 reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"], default-features = false }
 assert_fs = "1"
 port_check = "0.1"
-rstest = "0.17"
+rstest = "0.18"
 regex = "1"
 url = "2"
-diqwest = { version = "1", features = ["blocking"] }
+diqwest = { version = "2.0", features = ["blocking"], default-features = false }
 predicates = "3"
 [profile.release]
 opt-level = 3
 lto = true
-strip = true
+codegen-units = 1
-opt-level = "z"
+panic = "abort"
 strip = "symbols"
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Dufs is a distinctive utility file server that supports static serving, uploadin
 - Download folder as zip file
 - Upload files and folders (Drag & Drop)
 - Create/Edit/Search files
- Partial responses (Parallel/Resume download)
+- Resumable/partial uploads/downloads
 - Access control
 - Support https
 - Support webdav
@@ -48,18 +48,18 @@ Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip
 ```
 Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
-Usage: dufs [OPTIONS] [serve_path]
+Usage: dufs [OPTIONS] [serve-path]
 Arguments:
-  [serve_path]  Specific path to serve [default: .]
+  [serve-path]  Specific path to serve [default: .]
 Options:
  -c, --config <file>        Specify configuration file
  -b, --bind <addrs>         Specify bind address or unix socket
  -p, --port <port>          Specify port to listen on [default: 5000]
      --path-prefix <path>   Specify a path prefix
-      --hidden <value>       Hide paths from directory listings, separated by `,`
+      --hidden <value>       Hide paths from directory listings, e.g. tmp,*.log,*.lock
-  -a, --auth <rules>         Add auth role
+  -a, --auth <rules>         Add auth roles, e.g. user:pass@/dir1:rw,/dir2
      --auth-method <value>  Select auth method [default: digest] [possible values: basic, digest]
  -A, --allow-all            Allow all operations
      --allow-upload         Allow upload files/folders
      --allow-delete         Allow delete files/folders
@@ -70,18 +70,19 @@ Options:
      --render-index         Serve index.html when requesting a directory, returns 404 if not found index.html
      --render-try-index     Serve index.html when requesting a directory, returns directory listing if not found index.html
      --render-spa           Serve SPA(Single Page Application)
-      --assets <path>        Use custom assets to override builtin assets
+      --assets <path>        Set the path to the assets directory for overriding the built-in assets
      --log-format <format>  Customize http log format
      --compress <level>     Set zip compress level [default: low] [possible values: none, low, medium, high]
      --completions <shell>  Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
      --tls-cert <path>      Path to an SSL/TLS certificate to serve with HTTPS
      --tls-key <path>       Path to the SSL/TLS certificate's private key
      --log-format <format>  Customize http log format
      --completions <shell>  Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
  -h, --help                 Print help
  -V, --version              Print version
 ```
 ## Examples
-Serve current working directory in readonly mode
+Serve current working directory in read-only mode
 ```
 dufs
@@ -126,7 +127,7 @@ dufs --render-index
 Require username/password
 ```
-dufs -a /@admin:123
+dufs -a admin:123@/:rw
 ```
 Listen on specific host:ip 
@@ -186,16 +187,30 @@ curl -X MOVE https://127.0.0.1:5000/path -H "Destination: https://127.0.0.1:5000
 List/search directory contents
 ```
-curl http://127.0.0.1:5000?simple                 # output names only, just like `ls -1`
+curl http://127.0.0.1:5000?q=Dockerfile           # search for files, similar to `find -name Dockerfile`
 curl http://127.0.0.1:5000?simple                 # output names only, similar to `ls -1`
 curl http://127.0.0.1:5000?json                   # output paths in json format
 curl http://127.0.0.1:5000?q=Dockerfile&simple    # search for files, just like `find -name Dockerfile`
 ```
 With authorization
 ```
-curl --user user:pass --digest http://192.168.8.10:5000/file  # digest auth
+curl http://127.0.0.1:5000/file --user user:pass                 # basic auth
-curl --user user:pass http://192.168.8.10:5000/file           # basic auth
+curl http://127.0.0.1:5000/file --user user:pass --digest        # digest auth
 ```
 Resumable downloads
 ```
 curl -C- -o file http://127.0.0.1:5000/file
 ```
 Resumable uploads
 ```
 upload_offset=$(curl -I -s http://127.0.0.1:5000/file | tr -d '\r' | sed -n 's/content-length: //p')
 dd skip=$upload_offset if=file status=none ibs=1 | \
  curl -X PATCH -H "X-Update-Range: append" --data-binary @- http://127.0.0.1:5000/file
 ```
 <details>
@@ -206,44 +221,44 @@ curl --user user:pass http://192.168.8.10:5000/file           # basic auth
 Dufs supports account based access control. You can control who can do what on which path with `--auth`/`-a`.
 ```
-dufs -a [user:pass]@path[:rw][,path[:rw]...][|...]
+dufs -a admin:admin@/:rw -a guest:guest@/
 dufs -a user:pass@/:rw,/dir1,/dir2:- -a @/
 ```
-1: Multiple rules are separated by "|"
+
-2: User and pass are the account name and password, if omitted, it is an anonymous user
+1. Use `@` to separate the account and paths. No account means anonymous user.
-3: One rule can set multiple paths, separated by ","
+2. Use `:` to separate the username and password of the account.
-4: Add `:rw` after the path to indicate that the path has read and write permissions, otherwise the path has readonly permissions.
+3. Use `,` to separate paths.
 4. Use path suffix `:rw`, `:ro`, `:-` to set permissions: `read-write`, `read-only`, `forbidden`. `:ro` can be omitted.
 - `-a admin:admin@/:rw`: `admin` has complete permissions for all paths.
 - `-a guest:guest@/`: `guest` has read-only permissions for all paths.
 - `-a user:pass@/:rw,/dir1,/dir2:-`: `user` has read-write permissions for `/*`, has read-only permissions for `/dir1/*`, but is fordden for `/dir2/*`.
 - `-a @/`: All paths is publicly accessible, everyone can view/download it.
 > There are no restrictions on using ':' and '@' characters in a password. For example, `user:pa:ss@1@/:rw` is valid, the password is `pa:ss@1`.
 #### Hashed Password
 DUFS supports the use of sha-512 hashed password.
 Create hashed password
 ```
-dufs -A -a admin:admin@/:rw
+$ mkpasswd  -m sha-512 -s
 Password: 123456 
 $6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/
 ```
 `admin` has all permissions for all paths.
 Use hashed password
 ```
-dufs -A -a admin:admin@/:rw -a guest:guest@/
+dufs -a 'admin:$6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/@/:rw'
 ```
 `guest` has readonly permissions for all paths.
-```
+Two important things for hashed passwords:
 dufs -A -a admin:admin@/:rw -a @/
 ```
 All paths is public, everyone can view/download it.
-```
+1. Dufs only supports sha-512 hashed passwords, so ensure that the password string always starts with `$6$`.
-dufs -A -a admin:admin@/:rw -a user1:pass1@/user1:rw -a user2:pass2@/user2
+2. Digest authentication does not function properly with hashed passwords.
 dufs -A -a "admin:admin@/:rw|user1:pass1@/user1:rw|user2:pass2@/user2"
 ```
 `user1` has all permissions for `/user1/*` path.
 `user2` has all permissions for `/user2/*` path.
 ```
 dufs -A -a user:pass@/dir1:rw,/dir2:rw,dir3
 ```
 `user` has all permissions for `/dir1/*` and `/dir2/*`, has readonly permissions for `/dir3/`.
 ```
 dufs -a admin:admin@/
 ```
 Since dufs only allows viewing/downloading, `admin` can only view/download files.
 ### Hide Paths
@@ -259,6 +274,7 @@ dufs --hidden .git,.DS_Store,tmp
 dufs --hidden '.*'                          # hidden dotfiles
 dufs --hidden '*/'                          # hidden all folders
 dufs --hidden '*.log,*.lock'                # hidden by exts
 dufs --hidden '*.log' --hidden '*.lock'
 ```
 ### Log Format
@@ -307,14 +323,14 @@ dufs --log-format '$remote_addr $remote_user "$request" $status' -a /@admin:admi
 All options can be set using environment variables prefixed with `DUFS_`.
 ```
-  [ROOT_DIR]                  DUFS_ROOT_DIR=/dir
+[serve-path]                DUFS_SERVE_PATH="."
-  -b, --bind <addrs>          DUFS_BIND=0.0.0.0
+    --config <file>         DUFS_CONFIG=config.yaml
-  -p, --port <port>           DUFS_PORT=5000
+-b, --bind <addrs>          DUFS_BIND=0.0.0.0
-      --path-prefix <path>    DUFS_PATH_RREFIX=/path
+-p, --port <port>           DUFS_PORT=5000
-      --hidden <value>        DUFS_HIDDEN=*.log
+    --path-prefix <path>    DUFS_PATH_PREFIX=/static
-  -a, --auth <rules>          DUFS_AUTH="admin:admin@/:rw|@/" 
+    --hidden <value>        DUFS_HIDDEN=tmp,*.log,*.lock
-      --auth-method <value>   DUFS_AUTH_METHOD=basic
+-a, --auth <rules>          DUFS_AUTH="admin:admin@/:rw|@/" 
-  -A, --allow-all             DUFS_ALLOW_ALL=true
+-A, --allow-all             DUFS_ALLOW_ALL=true
    --allow-upload          DUFS_ALLOW_UPLOAD=true
    --allow-delete          DUFS_ALLOW_DELETE=true
    --allow-search          DUFS_ALLOW_SEARCH=true
@@ -325,9 +341,46 @@ All options can be set using environment variables prefixed with `DUFS_`.
    --render-try-index      DUFS_RENDER_TRY_INDEX=true
    --render-spa            DUFS_RENDER_SPA=true
    --assets <path>         DUFS_ASSETS=/assets
    --log-format <format>   DUFS_LOG_FORMAT=""
    --compress <compress>   DUFS_COMPRESS="low"
    --tls-cert <path>       DUFS_TLS_CERT=cert.pem
    --tls-key <path>        DUFS_TLS_KEY=key.pem
-      --log-format <format>   DUFS_LOG_FORMAT=""
+```
 ## Configuration File
 You can specify and use the configuration file by selecting the option `--config <path-to-config.yaml>`.
 The following are the configuration items:
 ```yaml
 serve-path: '.'
 bind: 0.0.0.0
 port: 5000
 path-prefix: /dufs
 hidden:
  - tmp
  - '*.log'
  - '*.lock'
 auth:
  - admin:admin@/:rw
  - user:pass@/src:rw,/share
  - '@/'  # According to the YAML spec, quoting is required.
 allow-all: false
 allow-upload: true
 allow-delete: true
 allow-search: true
 allow-symlink: true
 allow-archive: true
 enable-cors: true
 render-index: true
 render-try-index: true
 render-spa: true
 assets: ./assets/
 log-format: '$remote_addr "$request" $status $http_user_agent'
 compress: low
 tls-cert: tests/data/cert.pem
 tls-key: tests/data/key_pkcs1.pem
 ```
 ### Customize UI
@@ -343,7 +396,7 @@ Your assets folder must contains a `index.html` file.
 `index.html` can use the following placeholder variables to retrieve internal data.
 - `__INDEX_DATA__`: directory listing data
- `__ASSERTS_PREFIX__`: assets url prefix
+- `__ASSETS_PREFIX__`: assets url prefix
 </details>
--- a/assets/index.css
+++ b/assets/index.css
@@ -73,6 +73,10 @@ body {
  display: none;
 }
 .upload-file label {
  cursor: pointer;
 }
 .searchbar {
  display: flex;
  flex-wrap: nowrap;
@@ -103,11 +107,6 @@ body {
  cursor: pointer;
 }
 .upload-status span {
  width: 70px;
  display: inline-block;
 }
 .main {
  padding: 3.3em 1em 0;
 }
@@ -134,6 +133,10 @@ body {
  padding-left: 0.6em;
 }
 .cell-status span {
  display: inline-block;
 }
 .paths-table thead a {
  color: unset;
  text-decoration: none;
@@ -208,22 +211,37 @@ body {
  height: calc(100vh - 5rem);
  border: 1px solid #ced4da;
  outline: none;
  padding: 5px;
 }
-.toolbox2 {
+.toolbox-right {
  margin-left: auto;
  margin-right: 2em;
 }
 .save-btn {
  cursor: pointer;
  -webkit-user-select: none;
  user-select: none;
 }
 .user-btn {
    display: flex;
    align-items: center;
 }
 .user-name {
  padding-left: 3px;
 }
 .not-editable {
  font-style: italic;
 }
 .retry-btn {
  cursor: pointer;
 }
@media (min-width: 768px) {
  .path a {
    min-width: 400px;
--- a/assets/index.html
+++ b/assets/index.html
@@ -1,15 +1,15 @@
 <!DOCTYPE html>
-<html>
+<html lang="en-US">
 <head>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width" />
-  <link rel="icon" type="image/x-icon" href="__ASSERTS_PREFIX__favicon.ico">
+  <link rel="icon" type="image/x-icon" href="__ASSETS_PREFIX__favicon.ico">
-  <link rel="stylesheet" href="__ASSERTS_PREFIX__index.css">
+  <link rel="stylesheet" href="__ASSETS_PREFIX__index.css">
  <script>
    DATA = __INDEX_DATA__
  </script>
-  <script src="__ASSERTS_PREFIX__index.js"></script>
+  <script src="__ASSETS_PREFIX__index.js"></script>
 </head>
 <body>
@@ -48,7 +48,7 @@
              d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z" />
          </svg>
        </label>
-        <input type="file" id="file" name="file" multiple>
+        <input type="file" id="file" title="Upload files" name="file" multiple>
      </div>
      <div class="control new-folder hidden" title="New folder">
        <svg width="16" height="16" viewBox="0 0 16 16">
@@ -74,10 +74,10 @@
            d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
        </svg>
      </div>
-      <input id="search" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
+      <input id="search" title="Searching for folders or files" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
      <input type="submit" hidden />
    </form>
-    <div class="toolbox2">
+    <div class="toolbox-right">
      <div class="login-btn hidden" title="Login for upload/move/delete/edit permissions">
        <svg width="16" height="16" viewBox="0 0 16 16">
          <path fill-rule="evenodd"
@@ -91,6 +91,7 @@
          <path
            d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z" />
        </svg>
        <span class="user-name"></span>
      </div>
      <div class="save-btn hidden" title="Save file">
        <svg viewBox="0 0 1024 1024" width="24" height="24">
@@ -121,7 +122,7 @@
    </div>
    <div class="editor-page hidden">
      <div class="not-editable hidden"></div>
-      <textarea class="editor hidden" cols="10"></textarea>
+      <textarea id="editor" class="editor hidden" aria-label="Editor" cols="10"></textarea>
    </div>
  </div>
  <script>
--- a/assets/index.js
+++ b/assets/index.js
@@ -10,7 +10,7 @@
 * @typedef {object} DATA
 * @property {string} href
 * @property {string} uri_prefix
- * @property {"Index" | "Edit"} kind
+ * @property {"Index" | "Edit" | "View"} kind
 * @property {PathItem[]} paths
 * @property {boolean} allow_upload
 * @property {boolean} allow_delete
@@ -55,9 +55,15 @@ const ICONS = {
  download: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>`,
  move: `<svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>`,
  edit: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M12.146.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1 0 .708l-10 10a.5.5 0 0 1-.168.11l-5 2a.5.5 0 0 1-.65-.65l2-5a.5.5 0 0 1 .11-.168l10-10zM11.207 2.5 13.5 4.793 14.793 3.5 12.5 1.207 11.207 2.5zm1.586 3L10.5 3.207 4 9.707V10h.5a.5.5 0 0 1 .5.5v.5h.5a.5.5 0 0 1 .5.5v.5h.293l6.5-6.5zm-9.761 5.175-.106.106-1.528 3.821 3.821-1.528.106-.106A.5.5 0 0 1 5 12.5V12h-.5a.5.5 0 0 1-.5-.5V11h-.5a.5.5 0 0 1-.468-.325z"/></svg>`,
-  delete: `<svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>`,
+  delete: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>`,
  view: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M4 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm0 1h8a1 1 0 0 1 1 1v12a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1"/></svg>`,
 }
 /**
 * @type Map<string, Uploader>
 */
 const failUploaders = new Map();
 /**
 * @type Element
 */
@@ -86,6 +92,10 @@ let $editor;
 * @type Element
 */
 let $userBtn;
 /**
 * @type Element
 */
 let $userName;
 function ready() {
  $pathsTable = document.querySelector(".paths-table")
@@ -95,6 +105,7 @@ function ready() {
  $emptyFolder = document.querySelector(".empty-folder");
  $editor = document.querySelector(".editor");
  $userBtn = document.querySelector(".user-btn");
  $userName = document.querySelector(".user-name");
  addBreadcrumb(DATA.href, DATA.uri_prefix);
@@ -108,7 +119,12 @@ function ready() {
    document.title = `Edit ${DATA.href} - Dufs`;
    document.querySelector(".editor-page").classList.remove("hidden");;
-    setupEditPage();
+    setupEditorPage();
  } else if (DATA.kind == "View") {
    document.title = `View ${DATA.href} - Dufs`;
    document.querySelector(".editor-page").classList.remove("hidden");;
    setupEditorPage();
  }
 }
@@ -117,23 +133,24 @@ class Uploader {
  /**
   *
   * @param {File} file
-   * @param {string[]} dirs 
+   * @param {string[]} pathParts
   */
-  constructor(file, dirs) {
+  constructor(file, pathParts) {
    /**
     * @type Element
     */
    this.$uploadStatus = null
    this.uploaded = 0;
    this.uploadOffset = 0;
    this.lastUptime = 0;
-    this.name = [...dirs, file.name].join("/");
+    this.name = [...pathParts, file.name].join("/");
    this.idx = Uploader.globalIdx++;
    this.file = file;
    this.url = newUrl(this.name);
  }
  upload() {
-    const { idx, name } = this;
+    const { idx, name, url } = this;
    const url = newUrl(name);
    const encodedName = encodedStr(name);
    $uploadersTable.insertAdjacentHTML("beforeend", `
  <tr id="upload${idx}" class="uploader">
@@ -149,13 +166,25 @@ class Uploader {
    $emptyFolder.classList.add("hidden");
    this.$uploadStatus = document.getElementById(`uploadStatus${idx}`);
    this.$uploadStatus.innerHTML = '-';
    this.$uploadStatus.addEventListener("click", e => {
      const nodeId = e.target.id;
      const matches = /^retry(\d+)$/.exec(nodeId);
      if (matches) {
        const id = parseInt(matches[1]);
        let uploader = failUploaders.get(id);
        if (uploader) uploader.retry();
      }
    });
    Uploader.queues.push(this);
    Uploader.runQueue();
  }
  ajax() {
-    const url = newUrl(this.name);
+    const { url } = this;
    this.uploaded = 0;
    this.lastUptime = Date.now();
    const ajax = new XMLHttpRequest();
    ajax.upload.addEventListener("progress", e => this.progress(e), false);
    ajax.addEventListener("readystatechange", () => {
@@ -163,37 +192,64 @@ class Uploader {
        if (ajax.status >= 200 && ajax.status < 300) {
          this.complete();
        } else {
-          this.fail();
+          if (ajax.status != 0) {
            this.fail(`${ajax.status} ${ajax.statusText}`);
          }
        }
      }
    })
    ajax.addEventListener("error", () => this.fail(), false);
    ajax.addEventListener("abort", () => this.fail(), false);
    if (this.uploadOffset > 0) {
      ajax.open("PATCH", url);
      ajax.setRequestHeader("X-Update-Range", "append");
      ajax.send(this.file.slice(this.uploadOffset));
    } else {
      ajax.open("PUT", url);
      ajax.send(this.file);
      // setTimeout(() => ajax.abort(), 3000);
    }
  }
  async retry() {
    const { url } = this;
    let res = await fetch(url, {
      method: "HEAD",
    });
    let uploadOffset = 0;
    if (res.status == 200) {
      let value = res.headers.get("content-length");
      uploadOffset = parseInt(value) || 0;
    }
    this.uploadOffset = uploadOffset;
    this.ajax()
  }
  progress(event) {
    const now = Date.now();
    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
    const [speedValue, speedUnit] = formatSize(speed);
-    const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`;
+    const speedText = `${speedValue} ${speedUnit}/s`;
-    const progress = formatPercent((event.loaded / event.total) * 100);
+    const progress = formatPercent(((event.loaded + this.uploadOffset) / this.file.size) * 100);
    const duration = formatDuration((event.total - event.loaded) / speed)
-    this.$uploadStatus.innerHTML = `<span>${speedText}</span><span>${progress}</span><span>${duration}</span>`;
+    this.$uploadStatus.innerHTML = `<span style="width: 80px;">${speedText}</span><span>${progress} ${duration}</span>`;
    this.uploaded = event.loaded;
    this.lastUptime = now;
  }
  complete() {
-    this.$uploadStatus.innerHTML = `✓`;
+    const $uploadStatusNew = this.$uploadStatus.cloneNode(true);
    $uploadStatusNew.innerHTML = `✓`;
    this.$uploadStatus.parentNode.replaceChild($uploadStatusNew, this.$uploadStatus);
    this.$uploadStatus = null;
    failUploaders.delete(this.idx);
    Uploader.runnings--;
    Uploader.runQueue();
  }
-  fail() {
+  fail(reason = "") {
-    this.$uploadStatus.innerHTML = `✗`;
+    this.$uploadStatus.innerHTML = `<span style="width: 20px;" title="${reason}">✗</span><span class="retry-btn" id="retry${this.idx}" title="Retry">↻</span>`;
    failUploaders.set(this.idx, this);
    Uploader.runnings--;
    Uploader.runQueue();
  }
@@ -218,8 +274,11 @@ Uploader.runQueue = async () => {
  let uploader = Uploader.queues.shift();
  if (!Uploader.auth) {
    Uploader.auth = true;
-    const success = await checkAuth(true);
+    try {
-    Uploader.auth = !!success;
+      await checkAuth()
    } catch {
      Uploader.auth = false;
    }
  }
  uploader.ajax();
 }
@@ -249,7 +308,7 @@ function addBreadcrumb(href, uri_prefix) {
    }
    const encodedName = encodedStr(name);
    if (i === 0) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}" title="Root"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
    } else if (i === len - 1) {
      $breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`);
    } else {
@@ -313,13 +372,13 @@ function renderPathsTableHead() {
    <tr>
      ${headerItems.map(item => {
    let svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M11.5 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L11 2.707V14.5a.5.5 0 0 0 .5.5zm-7-14a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L4 13.293V1.5a.5.5 0 0 1 .5-.5z"/></svg>`;
-    let order = "asc";
+    let order = "desc";
    if (PARAMS.sort === item.name) {
-      if (PARAMS.order === "asc") {
+      if (PARAMS.order === "desc") {
-        order = "desc";
+        order = "asc";
        svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L7.5 2.707V14.5a.5.5 0 0 0 .5.5z"/></svg>`
      } else {
        svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 1a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L7.5 13.293V1.5A.5.5 0 0 1 8 1z"/></svg>`
      } else {
        svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L7.5 2.707V14.5a.5.5 0 0 0 .5.5z"/></svg>`
      }
    }
    const qs = new URLSearchParams({ ...PARAMS, order, sort: item.name }).toString();
@@ -361,6 +420,7 @@ function addPath(file, index) {
  let actionDownload = "";
  let actionMove = "";
  let actionEdit = "";
  let actionView = "";
  let isDir = file.path_type.endsWith("Dir");
  if (isDir) {
    url += "/";
@@ -386,9 +446,13 @@ function addPath(file, index) {
    actionDelete = `
    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">${ICONS.delete}</div>`;
  }
  if (!actionEdit && !isDir) {
    actionView = `<a class="action-btn" title="View file" target="_blank" href="${url}?view">${ICONS.view}</a>`;
  }
  let actionCell = `
  <td class="cell-actions">
    ${actionDownload}
    ${actionView}
    ${actionMove}
    ${actionDelete}
    ${actionEdit}
@@ -435,11 +499,18 @@ function setupDropzone() {
 function setupAuth() {
  if (DATA.user) {
    $userBtn.classList.remove("hidden");
-    $userBtn.title = DATA.user;
+    $userName.textContent = DATA.user;
  } else {
    const $loginBtn = document.querySelector(".login-btn");
    $loginBtn.classList.remove("hidden");
-    $loginBtn.addEventListener("click", () => checkAuth(true));
+    $loginBtn.addEventListener("click", async () => {
      try {
        await checkAuth()
        location.reload();
      } catch (err) {
        alert(err.message);
      }
    });
  }
 }
@@ -489,13 +560,14 @@ function setupNewFile() {
  });
 }
-async function setupEditPage() {
+async function setupEditorPage() {
  const url = baseUrl();
  const $download = document.querySelector(".download");
  $download.classList.remove("hidden");
  $download.href = url;
  if (DATA.kind == "Edit") {
    const $moveFile = document.querySelector(".move-file");
    $moveFile.classList.remove("hidden");
    $moveFile.addEventListener("click", async () => {
@@ -516,6 +588,13 @@ async function setupEditPage() {
      });
    })
    const $saveBtn = document.querySelector(".save-btn");
    $saveBtn.classList.remove("hidden");
    $saveBtn.addEventListener("click", saveChange);
  } else if (DATA.kind == "View") {
    $editor.readonly = true;
  }
  if (!DATA.editable) {
    const $notEditable = document.querySelector(".not-editable");
    const url = baseUrl();
@@ -529,10 +608,6 @@ async function setupEditPage() {
    return;
  }
  const $saveBtn = document.querySelector(".save-btn");
  $saveBtn.classList.remove("hidden");
  $saveBtn.addEventListener("click", saveChange);
  $editor.classList.remove("hidden");
  try {
    const res = await fetch(baseUrl());
@@ -651,25 +726,15 @@ async function saveChange() {
  }
 }
-async function checkAuth(alert = false) {
+async function checkAuth() {
  if (!DATA.auth) return;
  try {
  const res = await fetch(baseUrl(), {
    method: "WRITEABLE",
  });
  await assertResOK(res);
  document.querySelector(".login-btn").classList.add("hidden");
  $userBtn.classList.remove("hidden");
-    $userBtn.title = "";
+  $userName.textContent = "";
    return true;
  } catch (err) {
    let message = `Check auth, ${err.message}`;
    if (alert) {
      alert(message);
    } else {
      throw new Error(message);
    }
  }
 }
 /**
@@ -712,8 +777,16 @@ async function addFileEntries(entries, dirs) {
        new Uploader(file, dirs).upload();
      });
    } else if (entry.isDirectory) {
-      const dirReader = entry.createReader()
+      const dirReader = entry.createReader();
-      dirReader.readEntries(entries => addFileEntries(entries, [...dirs, entry.name]));
+
      const successCallback = entries => {
        if (entries.length > 0) {
          addFileEntries(entries, [...dirs, entry.name]);
          dirReader.readEntries(successCallback);
        }
      };
      dirReader.readEntries(successCallback);
    }
  }
 }
@@ -773,7 +846,7 @@ function padZero(value, size) {
 }
 function formatSize(size) {
-  if (size == null) return []
+  if (size == null) return [0, "B"]
  const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
  if (size == 0) return [0, "B"];
  const i = parseInt(Math.floor(Math.log(size) / Math.log(1024)));
@@ -808,7 +881,7 @@ function encodedStr(rawStr) {
 async function assertResOK(res) {
  if (!(res.status >= 200 && res.status < 300)) {
-    throw new Error(await res.text())
+    throw new Error(await res.text() || `Invalid status ${res.status}`);
  }
 }
--- a/src/args.rs
+++ b/src/args.rs
@@ -1,18 +1,16 @@
 use anyhow::{bail, Context, Result};
-use clap::builder::PossibleValuesParser;
+use async_zip::Compression;
-use clap::{value_parser, Arg, ArgAction, ArgMatches, Command};
+use clap::builder::{PossibleValue, PossibleValuesParser};
 use clap::{value_parser, Arg, ArgAction, ArgMatches, Command, ValueEnum};
 use clap_complete::{generate, Generator, Shell};
-#[cfg(feature = "tls")]
+use serde::{Deserialize, Deserializer};
-use rustls::{Certificate, PrivateKey};
+use smart_default::SmartDefault;
 use std::env;
 use std::net::IpAddr;
 use std::path::{Path, PathBuf};
 use crate::auth::AccessControl;
-use crate::auth::AuthMethod;
+use crate::http_logger::HttpLogger;
 use crate::log_http::{LogHttp, DEFAULT_LOG_FORMAT};
 #[cfg(feature = "tls")]
 use crate::tls::{load_certs, load_private_key};
 use crate::utils::encode_uri;
 pub fn build_cli() -> Command {
@@ -25,12 +23,21 @@ pub fn build_cli() -> Command {
            env!("CARGO_PKG_REPOSITORY")
        ))
        .arg(
-            Arg::new("serve_path")
+            Arg::new("serve-path")
                .env("DUFS_SERVE_PATH")
 				.hide_env(true)
                .default_value(".")
                .value_parser(value_parser!(PathBuf))
-                .help("Specific path to serve"),
+                .help("Specific path to serve [default: .]"),
        )
        .arg(
            Arg::new("config")
                .env("DUFS_CONFIG")
 				.hide_env(true)
                .short('c')
                .long("config")
                .value_parser(value_parser!(PathBuf))
                .help("Specify configuration file")
                .value_name("file"),
        )
        .arg(
            Arg::new("bind")
@@ -49,9 +56,8 @@ pub fn build_cli() -> Command {
 				.hide_env(true)
                .short('p')
                .long("port")
                .default_value("5000")
                .value_parser(value_parser!(u16))
-                .help("Specify port to listen on")
+                .help("Specify port to listen on [default: 5000]")
                .value_name("port"),
        )
        .arg(
@@ -67,7 +73,9 @@ pub fn build_cli() -> Command {
                .env("DUFS_HIDDEN")
 				.hide_env(true)
                .long("hidden")
-                .help("Hide paths from directory listings, separated by `,`")
+                .action(ArgAction::Append)
                .value_delimiter(',')
                .help("Hide paths from directory listings, e.g. tmp,*.log,*.lock")
                .value_name("value"),
        )
        .arg(
@@ -76,13 +84,13 @@ pub fn build_cli() -> Command {
 				.hide_env(true)
                .short('a')
                .long("auth")
-                .help("Add auth role")
+                .help("Add auth roles, e.g. user:pass@/dir1:rw,/dir2")
                .action(ArgAction::Append)
                .value_delimiter('|')
                .value_name("rules"),
        )
        .arg(
            Arg::new("auth-method")
                .hide(true)
                .env("DUFS_AUTH_METHOD")
 				.hide_env(true)
                .long("auth-method")
@@ -177,9 +185,33 @@ pub fn build_cli() -> Command {
                .env("DUFS_ASSETS")
 				.hide_env(true)
                .long("assets")
-                .help("Use custom assets to override builtin assets")
+                .help("Set the path to the assets directory for overriding the built-in assets")
                .value_parser(value_parser!(PathBuf))
                .value_name("path")
        )
        .arg(
            Arg::new("log-format")
                .env("DUFS_LOG_FORMAT")
                .hide_env(true)
                .long("log-format")
                .value_name("format")
                .help("Customize http log format"),
        )
        .arg(
            Arg::new("compress")
                .env("DUFS_COMPRESS")
                .hide_env(true)
                .value_parser(clap::builder::EnumValueParser::<Compress>::new())
                .long("compress")
                .value_name("level")
                .help("Set zip compress level [default: low]")
        )
        .arg(
            Arg::new("completions")
                .long("completions")
                .value_name("shell")
                .value_parser(value_parser!(Shell))
                .help("Print shell completion script for <shell>"),
        );
    #[cfg(feature = "tls")]
@@ -203,38 +235,38 @@ pub fn build_cli() -> Command {
                .help("Path to the SSL/TLS certificate's private key"),
        );
-    app.arg(
+    app
        Arg::new("log-format")
            .env("DUFS_LOG_FORMAT")
            .hide_env(true)
            .long("log-format")
            .value_name("format")
            .help("Customize http log format"),
    )
    .arg(
        Arg::new("completions")
            .long("completions")
            .value_name("shell")
            .value_parser(value_parser!(Shell))
            .help("Print shell completion script for <shell>"),
    )
 }
 pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
    generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
 }
-#[derive(Debug)]
+#[derive(Debug, Deserialize, SmartDefault, PartialEq)]
 #[serde(default)]
 #[serde(rename_all = "kebab-case")]
 pub struct Args {
    #[serde(default = "default_serve_path")]
    #[default(default_serve_path())]
    pub serve_path: PathBuf,
    #[serde(deserialize_with = "deserialize_bind_addrs")]
    #[serde(rename = "bind")]
    #[serde(default = "default_addrs")]
    #[default(default_addrs())]
    pub addrs: Vec<BindAddr>,
    #[serde(default = "default_port")]
    #[default(default_port())]
    pub port: u16,
-    pub path: PathBuf,
+    #[serde(skip)]
    pub path_is_file: bool,
    pub path_prefix: String,
    #[serde(skip)]
    pub uri_prefix: String,
    #[serde(deserialize_with = "deserialize_string_or_vec")]
    pub hidden: Vec<String>,
-    pub auth_method: AuthMethod,
+    #[serde(deserialize_with = "deserialize_access_control")]
    pub auth: AccessControl,
    pub allow_all: bool,
    pub allow_upload: bool,
    pub allow_delete: bool,
    pub allow_search: bool,
@@ -244,12 +276,13 @@ pub struct Args {
    pub render_spa: bool,
    pub render_try_index: bool,
    pub enable_cors: bool,
-    pub assets_path: Option<PathBuf>,
+    pub assets: Option<PathBuf>,
-    pub log_http: LogHttp,
+    #[serde(deserialize_with = "deserialize_log_http")]
-    #[cfg(feature = "tls")]
+    #[serde(rename = "log-format")]
-    pub tls: Option<(Vec<Certificate>, PrivateKey)>,
+    pub http_logger: HttpLogger,
-    #[cfg(not(feature = "tls"))]
+    pub compress: Compress,
-    pub tls: Option<()>,
+    pub tls_cert: Option<PathBuf>,
    pub tls_key: Option<PathBuf>,
 }
 impl Args {
@@ -258,95 +291,168 @@ impl Args {
    /// If a parsing error occurred, exit the process and print out informative
    /// error message to user.
    pub fn parse(matches: ArgMatches) -> Result<Args> {
-        let port = *matches.get_one::<u16>("port").unwrap();
+        let mut args = Self::default();
-        let addrs = matches
+
-            .get_many::<String>("bind")
+        if let Some(config_path) = matches.get_one::<PathBuf>("config") {
-            .map(|bind| bind.map(|v| v.as_str()).collect())
+            let contents = std::fs::read_to_string(config_path)
-            .unwrap_or_else(|| vec!["0.0.0.0", "::"]);
+                .with_context(|| format!("Failed to read config at {}", config_path.display()))?;
-        let addrs: Vec<BindAddr> = Args::parse_addrs(&addrs)?;
+            args = serde_yaml::from_str(&contents)
-        let path = Args::parse_path(matches.get_one::<PathBuf>("serve_path").unwrap())?;
+                .with_context(|| format!("Failed to load config at {}", config_path.display()))?;
-        let path_is_file = path.metadata()?.is_file();
+        }
-        let path_prefix = matches
+
-            .get_one::<String>("path-prefix")
+        if let Some(path) = matches.get_one::<PathBuf>("serve-path") {
-            .map(|v| v.trim_matches('/').to_owned())
+            args.serve_path = path.clone()
-            .unwrap_or_default();
+        }
-        let uri_prefix = if path_prefix.is_empty() {
+
        args.serve_path = Self::sanitize_path(args.serve_path)?;
        if let Some(port) = matches.get_one::<u16>("port") {
            args.port = *port
        }
        if let Some(addrs) = matches.get_many::<String>("bind") {
            let addrs: Vec<_> = addrs.map(|v| v.as_str()).collect();
            args.addrs = BindAddr::parse_addrs(&addrs)?;
        }
        args.path_is_file = args.serve_path.metadata()?.is_file();
        if let Some(path_prefix) = matches.get_one::<String>("path-prefix") {
            args.path_prefix = path_prefix.clone();
        }
        args.path_prefix = args.path_prefix.trim_matches('/').to_string();
        args.uri_prefix = if args.path_prefix.is_empty() {
            "/".to_owned()
        } else {
-            format!("/{}/", &encode_uri(&path_prefix))
+            format!("/{}/", &encode_uri(&args.path_prefix))
        };
-        let hidden: Vec<String> = matches
+
-            .get_one::<String>("hidden")
+        if let Some(hidden) = matches.get_many::<String>("hidden") {
-            .map(|v| v.split(',').map(|x| x.to_string()).collect())
+            args.hidden = hidden.cloned().collect();
-            .unwrap_or_default();
+        } else {
-        let enable_cors = matches.get_flag("enable-cors");
+            let mut hidden = vec![];
-        let auth: Vec<&str> = matches
+            std::mem::swap(&mut args.hidden, &mut hidden);
-            .get_many::<String>("auth")
+            args.hidden = hidden
-            .map(|auth| auth.map(|v| v.as_str()).collect())
+                .into_iter()
-            .unwrap_or_default();
+                .flat_map(|v| v.split(',').map(|v| v.to_string()).collect::<Vec<String>>())
-        let auth_method = match matches.get_one::<String>("auth-method").unwrap().as_str() {
+                .collect();
-            "basic" => AuthMethod::Basic,
+        }
-            _ => AuthMethod::Digest,
+
-        };
+        if !args.enable_cors {
-        let auth = AccessControl::new(&auth)?;
+            args.enable_cors = matches.get_flag("enable-cors");
-        let allow_upload = matches.get_flag("allow-all") || matches.get_flag("allow-upload");
+        }
-        let allow_delete = matches.get_flag("allow-all") || matches.get_flag("allow-delete");
+
-        let allow_search = matches.get_flag("allow-all") || matches.get_flag("allow-search");
+        if let Some(rules) = matches.get_many::<String>("auth") {
-        let allow_symlink = matches.get_flag("allow-all") || matches.get_flag("allow-symlink");
+            let rules: Vec<_> = rules.map(|v| v.as_str()).collect();
-        let allow_archive = matches.get_flag("allow-all") || matches.get_flag("allow-archive");
+            args.auth = AccessControl::new(&rules)?;
-        let render_index = matches.get_flag("render-index");
+        }
-        let render_try_index = matches.get_flag("render-try-index");
+
-        let render_spa = matches.get_flag("render-spa");
+        if !args.allow_all {
            args.allow_all = matches.get_flag("allow-all");
        }
        let allow_all = args.allow_all;
        if !args.allow_upload {
            args.allow_upload = allow_all || matches.get_flag("allow-upload");
        }
        if !args.allow_delete {
            args.allow_delete = allow_all || matches.get_flag("allow-delete");
        }
        if !args.allow_search {
            args.allow_search = allow_all || matches.get_flag("allow-search");
        }
        if !args.allow_symlink {
            args.allow_symlink = allow_all || matches.get_flag("allow-symlink");
        }
        if !args.allow_archive {
            args.allow_archive = allow_all || matches.get_flag("allow-archive");
        }
        if !args.render_index {
            args.render_index = matches.get_flag("render-index");
        }
        if !args.render_try_index {
            args.render_try_index = matches.get_flag("render-try-index");
        }
        if !args.render_spa {
            args.render_spa = matches.get_flag("render-spa");
        }
        if let Some(assets_path) = matches.get_one::<PathBuf>("assets") {
            args.assets = Some(assets_path.clone());
        }
        if let Some(assets_path) = &args.assets {
            args.assets = Some(Args::sanitize_assets_path(assets_path)?);
        }
        if let Some(log_format) = matches.get_one::<String>("log-format") {
            args.http_logger = log_format.parse()?;
        }
        if let Some(compress) = matches.get_one::<Compress>("compress") {
            args.compress = *compress;
        }
        #[cfg(feature = "tls")]
-        let tls = match (
+        {
-            matches.get_one::<PathBuf>("tls-cert"),
+            if let Some(tls_cert) = matches.get_one::<PathBuf>("tls-cert") {
-            matches.get_one::<PathBuf>("tls-key"),
+                args.tls_cert = Some(tls_cert.clone())
-        ) {
+            }
-            (Some(certs_file), Some(key_file)) => {
+
-                let certs = load_certs(certs_file)?;
+            if let Some(tls_key) = matches.get_one::<PathBuf>("tls-key") {
-                let key = load_private_key(key_file)?;
+                args.tls_key = Some(tls_key.clone())
-                Some((certs, key))
+            }
            match (&args.tls_cert, &args.tls_key) {
                (Some(_), Some(_)) => {}
                (Some(_), _) => bail!("No tls-key set"),
                (_, Some(_)) => bail!("No tls-cert set"),
                (None, None) => {}
            }
        }
            _ => None,
        };
        #[cfg(not(feature = "tls"))]
-        let tls = None;
+        {
-        let log_http: LogHttp = matches
+            args.tls_cert = None;
-            .get_one::<String>("log-format")
+            args.tls_key = None;
            .map(|v| v.as_str())
            .unwrap_or(DEFAULT_LOG_FORMAT)
            .parse()?;
        let assets_path = match matches.get_one::<PathBuf>("assets") {
            Some(v) => Some(Args::parse_assets_path(v)?),
            None => None,
        };
        Ok(Args {
            addrs,
            port,
            path,
            path_is_file,
            path_prefix,
            uri_prefix,
            hidden,
            auth_method,
            auth,
            enable_cors,
            allow_delete,
            allow_upload,
            allow_search,
            allow_symlink,
            allow_archive,
            render_index,
            render_try_index,
            render_spa,
            tls,
            log_http,
            assets_path,
        })
        }
-    fn parse_addrs(addrs: &[&str]) -> Result<Vec<BindAddr>> {
+        Ok(args)
    }
    fn sanitize_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
        let path = path.as_ref();
        if !path.exists() {
            bail!("Path `{}` doesn't exist", path.display());
        }
        env::current_dir()
            .and_then(|mut p| {
                p.push(path); // If path is absolute, it replaces the current path.
                std::fs::canonicalize(p)
            })
            .with_context(|| format!("Failed to access path `{}`", path.display()))
    }
    fn sanitize_assets_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
        let path = Self::sanitize_path(path)?;
        if !path.join("index.html").exists() {
            bail!("Path `{}` doesn't contains index.html", path.display());
        }
        Ok(path)
    }
 }
 #[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
 pub enum BindAddr {
    Address(IpAddr),
    Path(PathBuf),
 }
 impl BindAddr {
    fn parse_addrs(addrs: &[&str]) -> Result<Vec<Self>> {
        let mut bind_addrs = vec![];
        let mut invalid_addrs = vec![];
        for addr in addrs {
@@ -368,32 +474,262 @@ impl Args {
        }
        Ok(bind_addrs)
    }
 }
-    fn parse_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
+#[derive(Debug, Clone, Copy, PartialEq, Deserialize)]
-        let path = path.as_ref();
+#[serde(rename_all = "lowercase")]
-        if !path.exists() {
+pub enum Compress {
-            bail!("Path `{}` doesn't exist", path.display());
+    None,
    Low,
    Medium,
    High,
 }
 impl Default for Compress {
    fn default() -> Self {
        Self::Low
    }
 }
 impl ValueEnum for Compress {
    fn value_variants<'a>() -> &'a [Self] {
        &[Self::None, Self::Low, Self::Medium, Self::High]
    }
-        env::current_dir()
+    fn to_possible_value(&self) -> Option<clap::builder::PossibleValue> {
-            .and_then(|mut p| {
+        Some(match self {
-                p.push(path); // If path is absolute, it replaces the current path.
+            Compress::None => PossibleValue::new("none"),
-                std::fs::canonicalize(p)
+            Compress::Low => PossibleValue::new("low"),
            Compress::Medium => PossibleValue::new("medium"),
            Compress::High => PossibleValue::new("high"),
        })
            .with_context(|| format!("Failed to access path `{}`", path.display()))
    }
    fn parse_assets_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
        let path = Self::parse_path(path)?;
        if !path.join("index.html").exists() {
            bail!("Path `{}` doesn't contains index.html", path.display());
        }
        Ok(path)
    }
 }
-#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
+impl Compress {
-pub enum BindAddr {
+    pub fn to_compression(self) -> Compression {
-    Address(IpAddr),
+        match self {
-    Path(PathBuf),
+            Compress::None => Compression::Stored,
            Compress::Low => Compression::Deflate,
            Compress::Medium => Compression::Bz,
            Compress::High => Compression::Xz,
        }
    }
 }
 fn deserialize_bind_addrs<'de, D>(deserializer: D) -> Result<Vec<BindAddr>, D::Error>
 where
    D: Deserializer<'de>,
 {
    struct StringOrVec;
    impl<'de> serde::de::Visitor<'de> for StringOrVec {
        type Value = Vec<BindAddr>;
        fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
            formatter.write_str("string or list of strings")
        }
        fn visit_str<E>(self, s: &str) -> Result<Self::Value, E>
        where
            E: serde::de::Error,
        {
            BindAddr::parse_addrs(&[s]).map_err(serde::de::Error::custom)
        }
        fn visit_seq<S>(self, seq: S) -> Result<Self::Value, S::Error>
        where
            S: serde::de::SeqAccess<'de>,
        {
            let addrs: Vec<&'de str> =
                Deserialize::deserialize(serde::de::value::SeqAccessDeserializer::new(seq))?;
            BindAddr::parse_addrs(&addrs).map_err(serde::de::Error::custom)
        }
    }
    deserializer.deserialize_any(StringOrVec)
 }
 fn deserialize_string_or_vec<'de, D>(deserializer: D) -> Result<Vec<String>, D::Error>
 where
    D: Deserializer<'de>,
 {
    struct StringOrVec;
    impl<'de> serde::de::Visitor<'de> for StringOrVec {
        type Value = Vec<String>;
        fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
            formatter.write_str("string or list of strings")
        }
        fn visit_str<E>(self, s: &str) -> Result<Self::Value, E>
        where
            E: serde::de::Error,
        {
            Ok(vec![s.to_owned()])
        }
        fn visit_seq<S>(self, seq: S) -> Result<Self::Value, S::Error>
        where
            S: serde::de::SeqAccess<'de>,
        {
            Deserialize::deserialize(serde::de::value::SeqAccessDeserializer::new(seq))
        }
    }
    deserializer.deserialize_any(StringOrVec)
 }
 fn deserialize_access_control<'de, D>(deserializer: D) -> Result<AccessControl, D::Error>
 where
    D: Deserializer<'de>,
 {
    let rules: Vec<&str> = Vec::deserialize(deserializer)?;
    AccessControl::new(&rules).map_err(serde::de::Error::custom)
 }
 fn deserialize_log_http<'de, D>(deserializer: D) -> Result<HttpLogger, D::Error>
 where
    D: Deserializer<'de>,
 {
    let value: String = Deserialize::deserialize(deserializer)?;
    value.parse().map_err(serde::de::Error::custom)
 }
 fn default_serve_path() -> PathBuf {
    PathBuf::from(".")
 }
 fn default_addrs() -> Vec<BindAddr> {
    BindAddr::parse_addrs(&["0.0.0.0", "::"]).unwrap()
 }
 fn default_port() -> u16 {
    5000
 }
 #[cfg(test)]
 mod tests {
    use super::*;
    use assert_fs::prelude::*;
    #[test]
    fn test_default() {
        let cli = build_cli();
        let matches = cli.try_get_matches_from(vec![""]).unwrap();
        let args = Args::parse(matches).unwrap();
        let cwd = Args::sanitize_path(std::env::current_dir().unwrap()).unwrap();
        assert_eq!(args.serve_path, cwd);
        assert_eq!(args.port, default_port());
        assert_eq!(args.addrs, default_addrs());
    }
    #[test]
    fn test_args_from_cli1() {
        let tmpdir = assert_fs::TempDir::new().unwrap();
        let cli = build_cli();
        let matches = cli
            .try_get_matches_from(vec![
                "",
                "--hidden",
                "tmp,*.log,*.lock",
                &tmpdir.to_string_lossy(),
            ])
            .unwrap();
        let args = Args::parse(matches).unwrap();
        assert_eq!(args.serve_path, Args::sanitize_path(&tmpdir).unwrap());
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
    }
    #[test]
    fn test_args_from_cli2() {
        let cli = build_cli();
        let matches = cli
            .try_get_matches_from(vec![
                "", "--hidden", "tmp", "--hidden", "*.log", "--hidden", "*.lock",
            ])
            .unwrap();
        let args = Args::parse(matches).unwrap();
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
    }
    #[test]
    fn test_args_from_empty_config_file() {
        let tmpdir = assert_fs::TempDir::new().unwrap();
        let config_file = tmpdir.child("config.yaml");
        config_file.write_str("").unwrap();
        let cli = build_cli();
        let matches = cli
            .try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
            .unwrap();
        let args = Args::parse(matches).unwrap();
        let cwd = Args::sanitize_path(std::env::current_dir().unwrap()).unwrap();
        assert_eq!(args.serve_path, cwd);
        assert_eq!(args.port, default_port());
        assert_eq!(args.addrs, default_addrs());
    }
    #[test]
    fn test_args_from_config_file1() {
        let tmpdir = assert_fs::TempDir::new().unwrap();
        let config_file = tmpdir.child("config.yaml");
        let contents = format!(
            r#"
 serve-path: {}
 bind: 0.0.0.0
 port: 3000
 allow-upload: true
 hidden: tmp,*.log,*.lock
 "#,
            tmpdir.display()
        );
        config_file.write_str(&contents).unwrap();
        let cli = build_cli();
        let matches = cli
            .try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
            .unwrap();
        let args = Args::parse(matches).unwrap();
        assert_eq!(args.serve_path, Args::sanitize_path(&tmpdir).unwrap());
        assert_eq!(
            args.addrs,
            vec![BindAddr::Address("0.0.0.0".parse().unwrap())]
        );
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
        assert_eq!(args.port, 3000);
        assert!(args.allow_upload);
    }
    #[test]
    fn test_args_from_config_file2() {
        let tmpdir = assert_fs::TempDir::new().unwrap();
        let config_file = tmpdir.child("config.yaml");
        let contents = r#"
 bind:
  - 127.0.0.1
  - 192.168.8.10
 hidden:
  - tmp
  - '*.log'
  - '*.lock'
 "#;
        config_file.write_str(contents).unwrap();
        let cli = build_cli();
        let matches = cli
            .try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
            .unwrap();
        let args = Args::parse(matches).unwrap();
        assert_eq!(
            args.addrs,
            vec![
                BindAddr::Address("127.0.0.1".parse().unwrap()),
                BindAddr::Address("192.168.8.10".parse().unwrap())
            ]
        );
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
    }
 }
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -1,7 +1,9 @@
 use crate::{args::Args, server::Response, utils::unix_now};
 use anyhow::{anyhow, bail, Result};
 use base64::{engine::general_purpose, Engine as _};
 use headers::HeaderValue;
-use hyper::Method;
+use hyper::{header::WWW_AUTHENTICATE, Method};
 use indexmap::IndexMap;
 use lazy_static::lazy_static;
 use md5::Context;
@@ -11,10 +13,8 @@ use std::{
 };
 use uuid::Uuid;
 use crate::utils::unix_now;
 const REALM: &str = "DUFS";
-const DIGEST_AUTH_TIMEOUT: u32 = 86400;
+const DIGEST_AUTH_TIMEOUT: u32 = 604800; // 7 days
 lazy_static! {
    static ref NONCESTARTHASH: Context = {
@@ -25,63 +25,74 @@ lazy_static! {
    };
 }
-#[derive(Debug, Default)]
+#[derive(Debug, Clone, PartialEq)]
 pub struct AccessControl {
    use_hashed_password: bool,
    users: IndexMap<String, (String, AccessPaths)>,
    anony: Option<AccessPaths>,
 }
 impl Default for AccessControl {
    fn default() -> Self {
        AccessControl {
            use_hashed_password: false,
            anony: Some(AccessPaths::new(AccessPerm::ReadWrite)),
            users: IndexMap::new(),
        }
    }
 }
 impl AccessControl {
    pub fn new(raw_rules: &[&str]) -> Result<Self> {
        if raw_rules.is_empty() {
-            return Ok(AccessControl {
+            return Ok(Default::default());
                anony: Some(AccessPaths::new(AccessPerm::ReadWrite)),
                users: IndexMap::new(),
            });
        }
-
+        let new_raw_rules = split_rules(raw_rules);
-        let create_err = |v: &str| anyhow!("Invalid auth `{v}`");
+        let mut use_hashed_password = false;
-        let mut anony = None;
+        let mut annoy_paths = None;
-        let mut anony_paths = vec![];
+        let mut account_paths_pairs = vec![];
-        let mut users = IndexMap::new();
+        for rule in &new_raw_rules {
-        for rule in raw_rules {
+            let (account, paths) =
-            let (user, list) = rule.split_once('@').ok_or_else(|| create_err(rule))?;
+                split_account_paths(rule).ok_or_else(|| anyhow!("Invalid auth `{rule}`"))?;
-            if user.is_empty() && anony.is_some() {
+            if account.is_empty() {
-                bail!("Invalid auth, duplicate anonymous rules");
+                if annoy_paths.is_some() {
                    bail!("Invalid auth, no duplicate anonymous rules");
                }
-            let mut paths = AccessPaths::default();
+                annoy_paths = Some(paths)
-            for value in list.trim_matches(',').split(',') {
+            } else if let Some((user, pass)) = account.split_once(':') {
                let (path, perm) = match value.split_once(':') {
                    None => (value, AccessPerm::ReadOnly),
                    Some((path, "rw")) => (path, AccessPerm::ReadWrite),
                    _ => return Err(create_err(rule)),
                };
                if user.is_empty() {
                    anony_paths.push((path, perm));
                }
                paths.add(path, perm);
            }
            if user.is_empty() {
                anony = Some(paths);
            } else if let Some((user, pass)) = user.split_once(':') {
                if user.is_empty() || pass.is_empty() {
-                    return Err(create_err(rule));
+                    bail!("Invalid auth `{rule}`");
                }
-                users.insert(user.to_string(), (pass.to_string(), paths));
+                account_paths_pairs.push((user, pass, paths));
            } else {
                return Err(create_err(rule));
            }
        }
-        for (path, perm) in anony_paths {
+        let mut anony = None;
-            for (_, (_, paths)) in users.iter_mut() {
+        if let Some(paths) = annoy_paths {
-                paths.add(path, perm)
+            let mut access_paths = AccessPaths::default();
            access_paths.merge(paths);
            anony = Some(access_paths);
        }
        let mut users = IndexMap::new();
        for (user, pass, paths) in account_paths_pairs.into_iter() {
            let mut access_paths = anony.clone().unwrap_or_default();
            access_paths
                .merge(paths)
                .ok_or_else(|| anyhow!("Invalid auth `{user}:{pass}@{paths}"))?;
            if pass.starts_with("$6$") {
                use_hashed_password = true;
            }
-        Ok(Self { users, anony })
+            users.insert(user.to_string(), (pass.to_string(), access_paths));
        }
-    pub fn valid(&self) -> bool {
+        Ok(Self {
-        !self.users.is_empty() || self.anony.is_some()
+            use_hashed_password,
            users,
            anony,
        })
    }
    pub fn exist(&self) -> bool {
        !self.users.is_empty()
    }
    pub fn guard(
@@ -89,18 +100,14 @@ impl AccessControl {
        path: &str,
        method: &Method,
        authorization: Option<&HeaderValue>,
        auth_method: AuthMethod,
    ) -> (Option<String>, Option<AccessPaths>) {
        if let Some(authorization) = authorization {
-            if let Some(user) = auth_method.get_user(authorization) {
+            if let Some(user) = get_auth_user(authorization) {
                if let Some((pass, paths)) = self.users.get(&user) {
                    if method == Method::OPTIONS {
                        return (Some(user), Some(AccessPaths::new(AccessPerm::ReadOnly)));
                    }
-                    if auth_method
+                    if check_auth(authorization, method.as_str(), &user, pass).is_some() {
                        .check(authorization, method.as_str(), &user, pass)
                        .is_some()
                    {
                        return (Some(user), paths.find(path, !is_readonly_method(method)));
                    } else {
                        return (None, None);
@@ -139,13 +146,27 @@ impl AccessPaths {
        self.perm
    }
-    fn set_perm(&mut self, perm: AccessPerm) {
+    pub fn set_perm(&mut self, perm: AccessPerm) {
-        if self.perm < perm {
+        if !perm.inherit() {
-            self.perm = perm
+            self.perm = perm;
        }
    }
-    pub fn add(&mut self, path: &str, perm: AccessPerm) {
+    pub fn merge(&mut self, paths: &str) -> Option<()> {
        for item in paths.trim_matches(',').split(',') {
            let (path, perm) = match item.split_once(':') {
                None => (item, AccessPerm::ReadOnly),
                Some((path, "ro")) => (path, AccessPerm::ReadOnly),
                Some((path, "rw")) => (path, AccessPerm::ReadWrite),
                Some((path, "-")) => (path, AccessPerm::Forbidden),
                _ => return None,
            };
            self.add(path, perm);
        }
        Some(())
    }
    fn add(&mut self, path: &str, perm: AccessPerm) {
        let path = path.trim_matches('/');
        if path.is_empty() {
            self.set_perm(perm);
@@ -172,6 +193,9 @@ impl AccessPaths {
            .filter(|v| !v.is_empty())
            .collect();
        let target = self.find_impl(&parts, self.perm)?;
        if target.perm().forbidden() {
            return None;
        }
        if writable && !target.perm().readwrite() {
            return None;
        }
@@ -179,9 +203,13 @@ impl AccessPaths {
    }
    fn find_impl(&self, parts: &[&str], perm: AccessPerm) -> Option<AccessPaths> {
-        let perm = self.perm.max(perm);
+        let perm = if !self.perm.inherit() {
            self.perm
        } else {
            perm
        };
        if parts.is_empty() {
-            if perm.indexonly() {
+            if perm.inherit() {
                return Some(self.clone());
            } else {
                return Some(AccessPaths::new(perm));
@@ -190,7 +218,7 @@ impl AccessPaths {
        let child = match self.children.get(parts[0]) {
            Some(v) => v,
            None => {
-                if perm.indexonly() {
+                if perm.inherit() {
                    return None;
                } else {
                    return Some(AccessPaths::new(perm));
@@ -200,24 +228,24 @@ impl AccessPaths {
        child.find_impl(&parts[1..], perm)
    }
-    pub fn child_paths(&self) -> Vec<&String> {
+    pub fn child_names(&self) -> Vec<&String> {
        self.children.keys().collect()
    }
-    pub fn leaf_paths(&self, base: &Path) -> Vec<PathBuf> {
+    pub fn child_paths(&self, base: &Path) -> Vec<PathBuf> {
-        if !self.perm().indexonly() {
+        if !self.perm().inherit() {
            return vec![base.to_path_buf()];
        }
        let mut output = vec![];
-        self.leaf_paths_impl(&mut output, base);
+        self.child_paths_impl(&mut output, base);
        output
    }
-    fn leaf_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
+    fn child_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
        for (name, child) in self.children.iter() {
            let base = base.join(name);
-            if child.perm().indexonly() {
+            if child.perm().inherit() {
-                child.leaf_paths_impl(output, &base);
+                child.child_paths_impl(output, &base);
            } else {
                output.push(base)
            }
@@ -228,97 +256,82 @@ impl AccessPaths {
 #[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Default)]
 pub enum AccessPerm {
    #[default]
-    IndexOnly,
+    Inherit,
    ReadWrite,
    ReadOnly,
    ReadWrite,
    Forbidden,
 }
 impl AccessPerm {
    pub fn inherit(&self) -> bool {
        self == &AccessPerm::Inherit
    }
    pub fn readwrite(&self) -> bool {
        self == &AccessPerm::ReadWrite
    }
-    pub fn indexonly(&self) -> bool {
+    pub fn forbidden(&self) -> bool {
-        self == &AccessPerm::IndexOnly
+        self == &AccessPerm::Forbidden
    }
 }
-fn is_readonly_method(method: &Method) -> bool {
+pub fn www_authenticate(res: &mut Response, args: &Args) -> Result<()> {
-    method == Method::GET
+    if args.auth.use_hashed_password {
-        || method == Method::OPTIONS
+        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
-        || method == Method::HEAD
+        res.headers_mut().insert(WWW_AUTHENTICATE, basic);
-        || method.as_str() == "PROPFIND"
+    } else {
        let nonce = create_nonce()?;
        let digest = HeaderValue::from_str(&format!(
            "Digest realm=\"{}\", nonce=\"{}\", qop=\"auth\"",
            REALM, nonce
        ))?;
        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
        res.headers_mut().append(WWW_AUTHENTICATE, digest);
        res.headers_mut().append(WWW_AUTHENTICATE, basic);
    }
    Ok(())
 }
-#[derive(Debug, Clone)]
+pub fn get_auth_user(authorization: &HeaderValue) -> Option<String> {
-pub enum AuthMethod {
+    if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
-    Basic,
+        let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
    Digest,
 }
 impl AuthMethod {
    pub fn www_auth(&self, stale: bool) -> Result<String> {
        match self {
            AuthMethod::Basic => Ok(format!("Basic realm=\"{REALM}\"")),
            AuthMethod::Digest => {
                let str_stale = if stale { "stale=true," } else { "" };
                Ok(format!(
                    "Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\"",
                    REALM,
                    create_nonce()?,
                    str_stale
                ))
            }
        }
    }
    pub fn get_user(&self, authorization: &HeaderValue) -> Option<String> {
        match self {
            AuthMethod::Basic => {
                let value: Vec<u8> = general_purpose::STANDARD
                    .decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
                    .ok()?;
        let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
        Some(parts[0].to_string())
    } else if let Some(value) = strip_prefix(authorization.as_bytes(), b"Digest ") {
        let digest_map = to_headermap(value).ok()?;
        let username = digest_map.get(b"username".as_ref())?;
        std::str::from_utf8(username).map(|v| v.to_string()).ok()
    } else {
        None
    }
-            AuthMethod::Digest => {
+}
                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
                let digest_map = to_headermap(digest_value).ok()?;
                digest_map
                    .get(b"username".as_ref())
                    .and_then(|b| std::str::from_utf8(b).ok())
                    .map(|v| v.to_string())
            }
        }
    }
-    fn check(
+pub fn check_auth(
        &self,
    authorization: &HeaderValue,
    method: &str,
    auth_user: &str,
    auth_pass: &str,
-    ) -> Option<()> {
+) -> Option<()> {
-        match self {
+    if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
-            AuthMethod::Basic => {
+        let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
-                let basic_value: Vec<u8> = general_purpose::STANDARD
+        let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
                    .decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
                    .ok()?;
                let parts: Vec<&str> = std::str::from_utf8(&basic_value).ok()?.split(':').collect();
        if parts[0] != auth_user {
            return None;
        }
-                if parts[1] == auth_pass {
+        if auth_pass.starts_with("$6$") {
            if let Ok(()) = sha_crypt::sha512_check(parts[1], auth_pass) {
                return Some(());
            }
        } else if parts[1] == auth_pass {
            return Some(());
        }
        None
-            }
+    } else if let Some(value) = strip_prefix(authorization.as_bytes(), b"Digest ") {
-            AuthMethod::Digest => {
+        let digest_map = to_headermap(value).ok()?;
                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
                let digest_map = to_headermap(digest_value).ok()?;
        if let (Some(username), Some(nonce), Some(user_response)) = (
            digest_map
                .get(b"username".as_ref())
@@ -386,8 +399,8 @@ impl AuthMethod {
            }
        }
        None
-            }
+    } else {
-        }
+        None
    }
 }
@@ -419,6 +432,13 @@ fn validate_nonce(nonce: &[u8]) -> Result<bool> {
    bail!("invalid nonce");
 }
 fn is_readonly_method(method: &Method) -> bool {
    method == Method::GET
        || method == Method::OPTIONS
        || method == Method::HEAD
        || method.as_str() == "PROPFIND"
 }
 fn strip_prefix<'a>(search: &'a [u8], prefix: &[u8]) -> Option<&'a [u8]> {
    let l = prefix.len();
    if search.len() < l {
@@ -482,24 +502,91 @@ fn create_nonce() -> Result<String> {
    Ok(n[..34].to_string())
 }
 fn split_account_paths(s: &str) -> Option<(&str, &str)> {
    let i = s.find("@/")?;
    Some((&s[0..i], &s[i + 1..]))
 }
 fn split_rules(rules: &[&str]) -> Vec<String> {
    let mut output = vec![];
    for rule in rules {
        let parts: Vec<&str> = rule.split('|').collect();
        let mut rules_list = vec![];
        let mut concated_part = String::new();
        for (i, part) in parts.iter().enumerate() {
            if part.contains("@/") {
                concated_part.push_str(part);
                let mut concated_part_tmp = String::new();
                std::mem::swap(&mut concated_part_tmp, &mut concated_part);
                rules_list.push(concated_part_tmp);
                continue;
            }
            concated_part.push_str(part);
            if i < parts.len() - 1 {
                concated_part.push('|');
            }
        }
        if !concated_part.is_empty() {
            rules_list.push(concated_part)
        }
        output.extend(rules_list);
    }
    output
 }
 #[cfg(test)]
 mod tests {
    use super::*;
    #[test]
    fn test_split_account_paths() {
        assert_eq!(
            split_account_paths("user:pass@/:rw"),
            Some(("user:pass", "/:rw"))
        );
        assert_eq!(
            split_account_paths("user:pass@@/:rw"),
            Some(("user:pass@", "/:rw"))
        );
        assert_eq!(
            split_account_paths("user:pass@1@/:rw"),
            Some(("user:pass@1", "/:rw"))
        );
    }
    #[test]
    fn test_compact_split_rules() {
        assert_eq!(
            split_rules(&["user1:pass1@/:rw|user2:pass2@/:rw"]),
            ["user1:pass1@/:rw", "user2:pass2@/:rw"]
        );
        assert_eq!(
            split_rules(&["user1:pa|ss1@/:rw|user2:pa|ss2@/:rw"]),
            ["user1:pa|ss1@/:rw", "user2:pa|ss2@/:rw"]
        );
        assert_eq!(
            split_rules(&["user1:pa|ss1@/:rw|@/"]),
            ["user1:pa|ss1@/:rw", "@/"]
        );
    }
    #[test]
    fn test_access_paths() {
        let mut paths = AccessPaths::default();
        paths.add("/dir1", AccessPerm::ReadWrite);
-        paths.add("/dir2/dir1", AccessPerm::ReadWrite);
+        paths.add("/dir2/dir21", AccessPerm::ReadWrite);
-        paths.add("/dir2/dir2", AccessPerm::ReadOnly);
+        paths.add("/dir2/dir21/dir211", AccessPerm::ReadOnly);
-        paths.add("/dir2/dir3/dir1", AccessPerm::ReadWrite);
+        paths.add("/dir2/dir21/dir212", AccessPerm::Forbidden);
        paths.add("/dir2/dir22", AccessPerm::ReadOnly);
        paths.add("/dir2/dir22/dir221", AccessPerm::ReadWrite);
        paths.add("/dir2/dir23/dir231", AccessPerm::ReadWrite);
        assert_eq!(
-            paths.leaf_paths(Path::new("/tmp")),
+            paths.child_paths(Path::new("/tmp")),
            [
                "/tmp/dir1",
-                "/tmp/dir2/dir1",
+                "/tmp/dir2/dir21",
-                "/tmp/dir2/dir2",
+                "/tmp/dir2/dir22",
-                "/tmp/dir2/dir3/dir1"
+                "/tmp/dir2/dir23/dir231",
            ]
            .iter()
            .map(PathBuf::from)
@@ -508,15 +595,32 @@ mod tests {
        assert_eq!(
            paths
                .find("dir2", false)
-                .map(|v| v.leaf_paths(Path::new("/tmp/dir2"))),
+                .map(|v| v.child_paths(Path::new("/tmp/dir2"))),
            Some(
-                ["/tmp/dir2/dir1", "/tmp/dir2/dir2", "/tmp/dir2/dir3/dir1"]
+                [
                    "/tmp/dir2/dir21",
                    "/tmp/dir2/dir22",
                    "/tmp/dir2/dir23/dir231"
                ]
                .iter()
                .map(PathBuf::from)
                .collect::<Vec<_>>()
            )
        );
        assert_eq!(paths.find("dir2", true), None);
-        assert!(paths.find("dir1/file", true).is_some());
+        assert_eq!(
            paths.find("dir1/file", true),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(
            paths.find("dir2/dir21/file", true),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(
            paths.find("dir2/dir21/dir211/file", false),
            Some(AccessPaths::new(AccessPerm::ReadOnly))
        );
        assert_eq!(paths.find("dir2/dir21/dir211/file", true), None);
        assert_eq!(paths.find("dir2/dir21/dir212", false), None);
    }
 }
--- a/src/http_logger.rs
+++ b/src/http_logger.rs
@@ -1,23 +1,29 @@
-use std::{collections::HashMap, str::FromStr, sync::Arc};
+use std::{collections::HashMap, str::FromStr};
-use crate::{args::Args, server::Request};
+use crate::{auth::get_auth_user, server::Request};
 pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#;
-#[derive(Debug)]
+#[derive(Debug, Clone, PartialEq)]
-pub struct LogHttp {
+pub struct HttpLogger {
    elements: Vec<LogElement>,
 }
-#[derive(Debug)]
+impl Default for HttpLogger {
    fn default() -> Self {
        DEFAULT_LOG_FORMAT.parse().unwrap()
    }
 }
 #[derive(Debug, Clone, PartialEq)]
 enum LogElement {
    Variable(String),
    Header(String),
    Literal(String),
 }
-impl LogHttp {
+impl HttpLogger {
-    pub fn data(&self, req: &Request, args: &Arc<Args>) -> HashMap<String, String> {
+    pub fn data(&self, req: &Request) -> HashMap<String, String> {
        let mut data = HashMap::default();
        for element in self.elements.iter() {
            match element {
@@ -26,10 +32,8 @@ impl LogHttp {
                        data.insert(name.to_string(), format!("{} {}", req.method(), req.uri()));
                    }
                    "remote_user" => {
-                        if let Some(user) = req
+                        if let Some(user) =
-                            .headers()
+                            req.headers().get("authorization").and_then(get_auth_user)
                            .get("authorization")
                            .and_then(|v| args.auth_method.get_user(v))
                        {
                            data.insert(name.to_string(), user);
                        }
@@ -66,7 +70,7 @@ impl LogHttp {
    }
 }
-impl FromStr for LogHttp {
+impl FromStr for HttpLogger {
    type Err = anyhow::Error;
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        let mut elements = vec![];
--- a/src/http_utils.rs
+++ b/src/http_utils.rs
@@ -0,0 +1,105 @@
 use bytes::{Bytes, BytesMut};
 use futures_util::Stream;
 use http_body_util::{combinators::BoxBody, BodyExt, Full};
 use hyper::body::{Body, Incoming};
 use std::{
    pin::Pin,
    task::{Context, Poll},
 };
 use tokio::io::AsyncRead;
 use tokio_util::io::poll_read_buf;
 #[derive(Debug)]
 pub struct IncomingStream {
    inner: Incoming,
 }
 impl IncomingStream {
    pub fn new(inner: Incoming) -> Self {
        Self { inner }
    }
 }
 impl Stream for IncomingStream {
    type Item = Result<Bytes, anyhow::Error>;
    #[inline]
    fn poll_next(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Option<Self::Item>> {
        loop {
            match futures_util::ready!(Pin::new(&mut self.inner).poll_frame(cx)?) {
                Some(frame) => match frame.into_data() {
                    Ok(data) => return Poll::Ready(Some(Ok(data))),
                    Err(_frame) => {}
                },
                None => return Poll::Ready(None),
            }
        }
    }
 }
 pin_project_lite::pin_project! {
    pub struct LengthLimitedStream<R> {
        #[pin]
        reader: Option<R>,
        remaining: usize,
        buf: BytesMut,
        capacity: usize,
    }
 }
 impl<R> LengthLimitedStream<R> {
    pub fn new(reader: R, limit: usize) -> Self {
        Self {
            reader: Some(reader),
            remaining: limit,
            buf: BytesMut::new(),
            capacity: 4096,
        }
    }
 }
 impl<R: AsyncRead> Stream for LengthLimitedStream<R> {
    type Item = std::io::Result<Bytes>;
    fn poll_next(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<Option<Self::Item>> {
        let mut this = self.as_mut().project();
        if *this.remaining == 0 {
            self.project().reader.set(None);
            return Poll::Ready(None);
        }
        let reader = match this.reader.as_pin_mut() {
            Some(r) => r,
            None => return Poll::Ready(None),
        };
        if this.buf.capacity() == 0 {
            this.buf.reserve(*this.capacity);
        }
        match poll_read_buf(reader, cx, &mut this.buf) {
            Poll::Pending => Poll::Pending,
            Poll::Ready(Err(err)) => {
                self.project().reader.set(None);
                Poll::Ready(Some(Err(err)))
            }
            Poll::Ready(Ok(0)) => {
                self.project().reader.set(None);
                Poll::Ready(None)
            }
            Poll::Ready(Ok(_)) => {
                let mut chunk = this.buf.split();
                let chunk_size = (*this.remaining).min(chunk.len());
                chunk.truncate(chunk_size);
                *this.remaining -= chunk_size;
                Poll::Ready(Some(Ok(chunk.freeze())))
            }
        }
    }
 }
 pub fn body_full(content: impl Into<hyper::body::Bytes>) -> BoxBody<Bytes, anyhow::Error> {
    Full::new(content.into())
        .map_err(anyhow::Error::new)
        .boxed()
 }
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,38 +1,37 @@
 mod args;
 mod auth;
-mod log_http;
+mod http_logger;
 mod http_utils;
 mod logger;
 mod server;
 mod streamer;
 #[cfg(feature = "tls")]
 mod tls;
 #[cfg(unix)]
 mod unix;
 mod utils;
 #[macro_use]
 extern crate log;
 use crate::args::{build_cli, print_completions, Args};
-use crate::server::{Request, Server};
+use crate::server::Server;
 #[cfg(feature = "tls")]
-use crate::tls::{TlsAcceptor, TlsStream};
+use crate::utils::{load_certs, load_private_key};
 use anyhow::{anyhow, Context, Result};
 use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 use args::BindAddr;
 use clap_complete::Shell;
-use futures::future::join_all;
+use futures_util::future::join_all;
 use tokio::net::TcpListener;
 use tokio::task::JoinHandle;
-use hyper::server::conn::{AddrIncoming, AddrStream};
+use hyper::{body::Incoming, service::service_fn, Request};
-use hyper::service::{make_service_fn, service_fn};
+use hyper_util::{
    rt::{TokioExecutor, TokioIo},
    server::conn::auto::Builder,
 };
 use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
 use std::sync::{
    atomic::{AtomicBool, Ordering},
    Arc,
 };
 use tokio::{net::TcpListener, task::JoinHandle};
 #[cfg(feature = "tls")]
-use rustls::ServerConfig;
+use tokio_rustls::{rustls::ServerConfig, TlsAcceptor};
 #[tokio::main]
 async fn main() -> Result<()> {
@@ -45,10 +44,10 @@ async fn main() -> Result<()> {
        return Ok(());
    }
    let args = Args::parse(matches)?;
    let args = Arc::new(args);
    let running = Arc::new(AtomicBool::new(true));
-    let handles = serve(args.clone(), running.clone())?;
+    let listening = print_listening(&args)?;
-    print_listening(args)?;
+    let handles = serve(args, running.clone())?;
    println!("{listening}");
    tokio::select! {
        ret = join_all(handles) => {
@@ -66,58 +65,66 @@ async fn main() -> Result<()> {
    }
 }
-fn serve(
+fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
-    args: Arc<Args>,
+    let addrs = args.addrs.clone();
    running: Arc<AtomicBool>,
 ) -> Result<Vec<JoinHandle<Result<(), hyper::Error>>>> {
    let inner = Arc::new(Server::init(args.clone(), running)?);
    let mut handles = vec![];
    let port = args.port;
-    for bind_addr in args.addrs.iter() {
+    let tls_config = (args.tls_cert.clone(), args.tls_key.clone());
-        let inner = inner.clone();
+    let server_handle = Arc::new(Server::init(args, running)?);
-        let serve_func = move |remote_addr: Option<SocketAddr>| {
+    let mut handles = vec![];
-            let inner = inner.clone();
+    for bind_addr in addrs.iter() {
-            async move {
+        let server_handle = server_handle.clone();
                Ok::<_, hyper::Error>(service_fn(move |req: Request| {
                    let inner = inner.clone();
                    inner.call(req, remote_addr)
                }))
            }
        };
        match bind_addr {
            BindAddr::Address(ip) => {
-                let incoming = create_addr_incoming(SocketAddr::new(*ip, port))
+                let listener = create_listener(SocketAddr::new(*ip, port))
                    .with_context(|| format!("Failed to bind `{ip}:{port}`"))?;
-                match args.tls.as_ref() {
+
                match &tls_config {
                    #[cfg(feature = "tls")]
-                    Some((certs, key)) => {
+                    (Some(cert_file), Some(key_file)) => {
-                        let config = ServerConfig::builder()
+                        let certs = load_certs(cert_file)?;
-                            .with_safe_defaults()
+                        let key = load_private_key(key_file)?;
                        let mut config = ServerConfig::builder()
                            .with_no_client_auth()
-                            .with_single_cert(certs.clone(), key.clone())?;
+                            .with_single_cert(certs, key)?;
                        config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
                        let config = Arc::new(config);
-                        let accepter = TlsAcceptor::new(config.clone(), incoming);
+                        let tls_accepter = TlsAcceptor::from(config);
-                        let new_service = make_service_fn(move |socket: &TlsStream| {
+
-                            let remote_addr = socket.remote_addr();
+                        let handle = tokio::spawn(async move {
-                            serve_func(Some(remote_addr))
+                            loop {
-                        });
+                                let (cnx, addr) = listener.accept().await.unwrap();
-                        let server =
+                                let Ok(stream) = tls_accepter.accept(cnx).await else {
-                            tokio::spawn(hyper::Server::builder(accepter).serve(new_service));
+                                    warn!("During cls handshake connection from {}", addr);
-                        handles.push(server);
+                                    continue;
                                };
                                let stream = TokioIo::new(stream);
                                tokio::spawn(handle_stream(
                                    server_handle.clone(),
                                    stream,
                                    Some(addr),
                                ));
                            }
-                    #[cfg(not(feature = "tls"))]
+                        });
-                    Some(_) => {
+
                        handles.push(handle);
                    }
                    (None, None) => {
                        let handle = tokio::spawn(async move {
                            loop {
                                let (cnx, addr) = listener.accept().await.unwrap();
                                let stream = TokioIo::new(cnx);
                                tokio::spawn(handle_stream(
                                    server_handle.clone(),
                                    stream,
                                    Some(addr),
                                ));
                            }
                        });
                        handles.push(handle);
                    }
                    _ => {
                        unreachable!()
                    }
                    None => {
                        let new_service = make_service_fn(move |socket: &AddrStream| {
                            let remote_addr = socket.remote_addr();
                            serve_func(Some(remote_addr))
                        });
                        let server =
                            tokio::spawn(hyper::Server::builder(incoming).serve(new_service));
                        handles.push(server);
                    }
                };
            }
            BindAddr::Path(path) => {
@@ -128,10 +135,15 @@ fn serve(
                {
                    let listener = tokio::net::UnixListener::bind(path)
                        .with_context(|| format!("Failed to bind `{}`", path.display()))?;
-                    let acceptor = unix::UnixAcceptor::from_listener(listener);
+                    let handle = tokio::spawn(async move {
-                    let new_service = make_service_fn(move |_| serve_func(None));
+                        loop {
-                    let server = tokio::spawn(hyper::Server::builder(acceptor).serve(new_service));
+                            let (cnx, _) = listener.accept().await.unwrap();
-                    handles.push(server);
+                            let stream = TokioIo::new(cnx);
                            tokio::spawn(handle_stream(server_handle.clone(), stream, None));
                        }
                    });
                    handles.push(handle);
                }
            }
        }
@@ -139,7 +151,30 @@ fn serve(
    Ok(handles)
 }
-fn create_addr_incoming(addr: SocketAddr) -> Result<AddrIncoming> {
+async fn handle_stream<T>(handle: Arc<Server>, stream: TokioIo<T>, addr: Option<SocketAddr>)
 where
    T: tokio::io::AsyncRead + tokio::io::AsyncWrite + Unpin + Send + 'static,
 {
    let hyper_service =
        service_fn(move |request: Request<Incoming>| handle.clone().call(request, addr));
    let ret = Builder::new(TokioExecutor::new())
        .serve_connection_with_upgrades(stream, hyper_service)
        .await;
    if let Err(err) = ret {
        let scope = match addr {
            Some(addr) => format!(" from {}", addr),
            None => String::new(),
        };
        match err.downcast_ref::<std::io::Error>() {
            Some(err) if err.kind() == std::io::ErrorKind::UnexpectedEof => {}
            _ => warn!("Serving connection{}: {}", scope, err),
        }
    }
 }
 fn create_listener(addr: SocketAddr) -> Result<TcpListener> {
    use socket2::{Domain, Protocol, Socket, Type};
    let socket = Socket::new(Domain::for_address(addr), Type::STREAM, Some(Protocol::TCP))?;
    if addr.is_ipv6() {
@@ -150,11 +185,12 @@ fn create_addr_incoming(addr: SocketAddr) -> Result<AddrIncoming> {
    socket.listen(1024 /* Default backlog */)?;
    let std_listener = StdTcpListener::from(socket);
    std_listener.set_nonblocking(true)?;
-    let incoming = AddrIncoming::from_listener(TcpListener::from_std(std_listener)?)?;
+    let listener = TcpListener::from_std(std_listener)?;
-    Ok(incoming)
+    Ok(listener)
 }
-fn print_listening(args: Arc<Args>) -> Result<()> {
+fn print_listening(args: &Args) -> Result<String> {
    let mut output = String::new();
    let mut bind_addrs = vec![];
    let (mut ipv4, mut ipv6) = (false, false);
    for bind_addr in args.addrs.iter() {
@@ -195,7 +231,11 @@ fn print_listening(args: Arc<Args>) -> Result<()> {
                    IpAddr::V4(_) => format!("{}:{}", addr, args.port),
                    IpAddr::V6(_) => format!("[{}]:{}", addr, args.port),
                };
-                let protocol = if args.tls.is_some() { "https" } else { "http" };
+                let protocol = if args.tls_cert.is_some() {
                    "https"
                } else {
                    "http"
                };
                format!("{}://{}{}", protocol, addr, args.uri_prefix)
            }
            BindAddr::Path(path) => path.display().to_string(),
@@ -203,17 +243,17 @@ fn print_listening(args: Arc<Args>) -> Result<()> {
        .collect::<Vec<_>>();
    if urls.len() == 1 {
-        println!("Listening on {}", urls[0]);
+        output.push_str(&format!("Listening on {}", urls[0]))
    } else {
        let info = urls
            .iter()
            .map(|v| format!("  {v}"))
            .collect::<Vec<String>>()
            .join("\n");
-        println!("Listening on:\n{info}\n");
+        output.push_str(&format!("Listening on:\n{info}\n"))
    }
-    Ok(())
+    Ok(output)
 }
 async fn shutdown_signal() {
--- a/src/server.rs
+++ b/src/server.rs
--- a/src/streamer.rs
+++ b/src/streamer.rs
@@ -1,68 +0,0 @@
 use async_stream::stream;
 use futures::{Stream, StreamExt};
 use std::io::Error;
 use std::pin::Pin;
 use tokio::io::{AsyncRead, AsyncReadExt};
 pub struct Streamer<R>
 where
    R: AsyncRead + Unpin + Send + 'static,
 {
    reader: R,
    buf_size: usize,
 }
 impl<R> Streamer<R>
 where
    R: AsyncRead + Unpin + Send + 'static,
 {
    #[inline]
    pub fn new(reader: R, buf_size: usize) -> Self {
        Self { reader, buf_size }
    }
    pub fn into_stream(
        mut self,
    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
        let stream = stream! {
            loop {
                let mut buf = vec![0; self.buf_size];
                let r = self.reader.read(&mut buf).await?;
                if r == 0 {
                    break
                }
                buf.truncate(r);
                yield Ok(buf);
            }
        };
        stream.boxed()
    }
    // allow truncation as truncated remaining is always less than buf_size: usize
    pub fn into_stream_sized(
        mut self,
        max_length: u64,
    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
        let stream = stream! {
        let mut remaining = max_length;
            loop {
                if remaining == 0 {
                    break;
                }
                let bs = if remaining >= self.buf_size as u64 {
                    self.buf_size
                } else {
                    remaining as usize
                };
                let mut buf = vec![0; bs];
                let r = self.reader.read(&mut buf).await?;
                if r == 0 {
                    break;
                } else {
                    buf.truncate(r);
                    yield Ok(buf);
                }
                remaining -= r as u64;
            }
        };
        stream.boxed()
    }
 }
--- a/src/tls.rs
+++ b/src/tls.rs
@@ -1,161 +0,0 @@
 use anyhow::{anyhow, bail, Context as AnyhowContext, Result};
 use core::task::{Context, Poll};
 use futures::ready;
 use hyper::server::accept::Accept;
 use hyper::server::conn::{AddrIncoming, AddrStream};
 use rustls::{Certificate, PrivateKey};
 use std::future::Future;
 use std::net::SocketAddr;
 use std::path::Path;
 use std::pin::Pin;
 use std::sync::Arc;
 use std::{fs, io};
 use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
 use tokio_rustls::rustls::ServerConfig;
 enum State {
    Handshaking(tokio_rustls::Accept<AddrStream>),
    Streaming(tokio_rustls::server::TlsStream<AddrStream>),
 }
 // tokio_rustls::server::TlsStream doesn't expose constructor methods,
 // so we have to TlsAcceptor::accept and handshake to have access to it
 // TlsStream implements AsyncRead/AsyncWrite handshaking tokio_rustls::Accept first
 pub struct TlsStream {
    state: State,
    remote_addr: SocketAddr,
 }
 impl TlsStream {
    fn new(stream: AddrStream, config: Arc<ServerConfig>) -> TlsStream {
        let remote_addr = stream.remote_addr();
        let accept = tokio_rustls::TlsAcceptor::from(config).accept(stream);
        TlsStream {
            state: State::Handshaking(accept),
            remote_addr,
        }
    }
    pub fn remote_addr(&self) -> SocketAddr {
        self.remote_addr
    }
 }
 impl AsyncRead for TlsStream {
    fn poll_read(
        self: Pin<&mut Self>,
        cx: &mut Context,
        buf: &mut ReadBuf,
    ) -> Poll<io::Result<()>> {
        let pin = self.get_mut();
        match pin.state {
            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
                Ok(mut stream) => {
                    let result = Pin::new(&mut stream).poll_read(cx, buf);
                    pin.state = State::Streaming(stream);
                    result
                }
                Err(err) => Poll::Ready(Err(err)),
            },
            State::Streaming(ref mut stream) => Pin::new(stream).poll_read(cx, buf),
        }
    }
 }
 impl AsyncWrite for TlsStream {
    fn poll_write(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
        buf: &[u8],
    ) -> Poll<io::Result<usize>> {
        let pin = self.get_mut();
        match pin.state {
            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
                Ok(mut stream) => {
                    let result = Pin::new(&mut stream).poll_write(cx, buf);
                    pin.state = State::Streaming(stream);
                    result
                }
                Err(err) => Poll::Ready(Err(err)),
            },
            State::Streaming(ref mut stream) => Pin::new(stream).poll_write(cx, buf),
        }
    }
    fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
        match self.state {
            State::Handshaking(_) => Poll::Ready(Ok(())),
            State::Streaming(ref mut stream) => Pin::new(stream).poll_flush(cx),
        }
    }
    fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
        match self.state {
            State::Handshaking(_) => Poll::Ready(Ok(())),
            State::Streaming(ref mut stream) => Pin::new(stream).poll_shutdown(cx),
        }
    }
 }
 pub struct TlsAcceptor {
    config: Arc<ServerConfig>,
    incoming: AddrIncoming,
 }
 impl TlsAcceptor {
    pub fn new(config: Arc<ServerConfig>, incoming: AddrIncoming) -> TlsAcceptor {
        TlsAcceptor { config, incoming }
    }
 }
 impl Accept for TlsAcceptor {
    type Conn = TlsStream;
    type Error = io::Error;
    fn poll_accept(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
        let pin = self.get_mut();
        match ready!(Pin::new(&mut pin.incoming).poll_accept(cx)) {
            Some(Ok(sock)) => Poll::Ready(Some(Ok(TlsStream::new(sock, pin.config.clone())))),
            Some(Err(e)) => Poll::Ready(Some(Err(e))),
            None => Poll::Ready(None),
        }
    }
 }
 // Load public certificate from file.
 pub fn load_certs<T: AsRef<Path>>(filename: T) -> Result<Vec<Certificate>> {
    // Open certificate file.
    let cert_file = fs::File::open(filename.as_ref())
        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
    let mut reader = io::BufReader::new(cert_file);
    // Load and return certificate.
    let certs = rustls_pemfile::certs(&mut reader).with_context(|| "Failed to load certificate")?;
    if certs.is_empty() {
        bail!("No supported certificate in file");
    }
    Ok(certs.into_iter().map(Certificate).collect())
 }
 // Load private key from file.
 pub fn load_private_key<T: AsRef<Path>>(filename: T) -> Result<PrivateKey> {
    let key_file = fs::File::open(filename.as_ref())
        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
    let mut reader = io::BufReader::new(key_file);
    // Load and return a single private key.
    let keys = rustls_pemfile::read_all(&mut reader)
        .with_context(|| "There was a problem with reading private key")?
        .into_iter()
        .find_map(|item| match item {
            rustls_pemfile::Item::RSAKey(key)
            | rustls_pemfile::Item::PKCS8Key(key)
            | rustls_pemfile::Item::ECKey(key) => Some(key),
            _ => None,
        })
        .ok_or_else(|| anyhow!("No supported private key in file"))?;
    Ok(PrivateKey(keys))
 }
--- a/src/unix.rs
+++ b/src/unix.rs
@@ -1,31 +0,0 @@
 use hyper::server::accept::Accept;
 use tokio::net::UnixListener;
 use std::pin::Pin;
 use std::task::{Context, Poll};
 pub struct UnixAcceptor {
    inner: UnixListener,
 }
 impl UnixAcceptor {
    pub fn from_listener(listener: UnixListener) -> Self {
        Self { inner: listener }
    }
 }
 impl Accept for UnixAcceptor {
    type Conn = tokio::net::UnixStream;
    type Error = std::io::Error;
    fn poll_accept(
        self: Pin<&mut Self>,
        cx: &mut Context<'_>,
    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
        match self.inner.poll_accept(cx) {
            Poll::Pending => Poll::Pending,
            Poll::Ready(Ok((socket, _addr))) => Poll::Ready(Some(Ok(socket))),
            Poll::Ready(Err(err)) => Poll::Ready(Some(Err(err))),
        }
    }
 }
--- a/src/utils.rs
+++ b/src/utils.rs
@@ -1,5 +1,7 @@
 use anyhow::{anyhow, Context, Result};
 use chrono::{DateTime, Utc};
 #[cfg(feature = "tls")]
 use rustls_pki_types::{CertificateDer, PrivateKeyDer};
 use std::{
    borrow::Cow,
    path::Path,
@@ -58,8 +60,84 @@ pub fn glob(pattern: &str, target: &str) -> bool {
    pat.matches(target)
 }
-#[test]
+// Load public certificate from file.
-fn test_glob_key() {
+#[cfg(feature = "tls")]
 pub fn load_certs<T: AsRef<Path>>(filename: T) -> Result<Vec<CertificateDer<'static>>> {
    // Open certificate file.
    let cert_file = std::fs::File::open(filename.as_ref())
        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
    let mut reader = std::io::BufReader::new(cert_file);
    // Load and return certificate.
    let mut certs = vec![];
    for cert in rustls_pemfile::certs(&mut reader) {
        let cert = cert.with_context(|| "Failed to load certificate")?;
        certs.push(cert)
    }
    if certs.is_empty() {
        anyhow::bail!("No supported certificate in file");
    }
    Ok(certs)
 }
 // Load private key from file.
 #[cfg(feature = "tls")]
 pub fn load_private_key<T: AsRef<Path>>(filename: T) -> Result<PrivateKeyDer<'static>> {
    let key_file = std::fs::File::open(filename.as_ref())
        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
    let mut reader = std::io::BufReader::new(key_file);
    // Load and return a single private key.
    for key in rustls_pemfile::read_all(&mut reader) {
        let key = key.with_context(|| "There was a problem with reading private key")?;
        match key {
            rustls_pemfile::Item::Pkcs1Key(key) => return Ok(PrivateKeyDer::Pkcs1(key)),
            rustls_pemfile::Item::Pkcs8Key(key) => return Ok(PrivateKeyDer::Pkcs8(key)),
            rustls_pemfile::Item::Sec1Key(key) => return Ok(PrivateKeyDer::Sec1(key)),
            _ => {}
        }
    }
    anyhow::bail!("No supported private key in file");
 }
 pub fn parse_range(range: &str, size: u64) -> Option<(u64, u64)> {
    let (unit, range) = range.split_once('=')?;
    if unit != "bytes" || range.contains(',') {
        return None;
    }
    let (start, end) = range.split_once('-')?;
    if start.is_empty() {
        let offset = end.parse::<u64>().ok()?;
        if offset <= size {
            Some((size - offset, size - 1))
        } else {
            None
        }
    } else {
        let start = start.parse::<u64>().ok()?;
        if start < size {
            if end.is_empty() {
                Some((start, size - 1))
            } else {
                let end = end.parse::<u64>().ok()?;
                if end < size {
                    Some((start, end))
                } else {
                    None
                }
            }
        } else {
            None
        }
    }
 }
 #[cfg(test)]
 mod tests {
    use super::*;
    #[test]
    fn test_glob_key() {
        assert!(glob("", ""));
        assert!(glob(".*", ".git"));
        assert!(glob("abc", "abc"));
@@ -80,4 +158,17 @@ fn test_glob_key() {
        assert!(glob("*.log", "a.log"));
        assert!(glob("*/", "abc/"));
        assert!(!glob("*/", "abc"));
    }
    #[test]
    fn test_parse_range() {
        assert_eq!(parse_range("bytes=0-499", 500), Some((0, 499)));
        assert_eq!(parse_range("bytes=0-", 500), Some((0, 499)));
        assert_eq!(parse_range("bytes=299-", 500), Some((299, 499)));
        assert_eq!(parse_range("bytes=-500", 500), Some((0, 499)));
        assert_eq!(parse_range("bytes=-300", 500), Some((200, 499)));
        assert_eq!(parse_range("bytes=500-", 500), None);
        assert_eq!(parse_range("bytes=-501", 500), None);
        assert_eq!(parse_range("bytes=0-500", 500), None);
    }
 }
--- a/tests/assets.rs
+++ b/tests/assets.rs
@@ -32,7 +32,7 @@ fn asset_js(server: TestServer) -> Result<(), Error> {
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("content-type").unwrap(),
-        "application/javascript"
+        "application/javascript; charset=UTF-8"
    );
    Ok(())
 }
@@ -46,7 +46,10 @@ fn asset_css(server: TestServer) -> Result<(), Error> {
    );
    let resp = reqwest::blocking::get(url)?;
    assert_eq!(resp.status(), 200);
-    assert_eq!(resp.headers().get("content-type").unwrap(), "text/css");
+    assert_eq!(
        resp.headers().get("content-type").unwrap(),
        "text/css; charset=UTF-8"
    );
    Ok(())
 }
@@ -90,7 +93,7 @@ fn asset_js_with_prefix(
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("content-type").unwrap(),
-        "application/javascript"
+        "application/javascript; charset=UTF-8"
    );
    Ok(())
 }
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -10,7 +10,15 @@ use rstest::rstest;
 fn no_auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(server.url())?;
    assert_eq!(resp.status(), 401);
-    assert!(resp.headers().contains_key("www-authenticate"));
+    let values: Vec<&str> = resp
        .headers()
        .get_all("www-authenticate")
        .iter()
        .map(|v| v.to_str().unwrap())
        .collect();
    assert!(values[0].starts_with("Digest"));
    assert!(values[1].starts_with("Basic"));
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
@@ -18,7 +26,49 @@ fn no_auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> R
 }
 #[rstest]
-fn auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Result<(), Error> {
+#[case(server(&["--auth", "user:pass@/:rw", "-A"]), "user", "pass")]
 #[case(server(&["--auth", "user:pa:ss@1@/:rw", "-A"]), "user", "pa:ss@1")]
 fn auth(#[case] server: TestServer, #[case] user: &str, #[case] pass: &str) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth(user, pass)?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
 const HASHED_PASSWORD_AUTH: &str =  "user:$6$gQxZwKyWn/ZmWEA2$4uV7KKMnSUnET2BtWTj/9T5.Jq3h/MdkOlnIl5hdlTxDZ4MZKmJ.kl6C.NL9xnNPqC4lVHC1vuI0E5cLpTJX81@/:rw"; // user:pass
 #[rstest]
 fn auth_hashed_password(
    #[with(&["--auth", HASHED_PASSWORD_AUTH, "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    if let Err(err) = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")
    {
        assert_eq!(
            format!("{err:?}"),
            r#"DigestAuth(MissingRequired("realm", "Basic realm=\"DUFS\""))"#
        );
    }
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
 #[rstest]
 fn auth_and_public(
    #[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
@@ -26,6 +76,9 @@ fn auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Resu
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 200);
    assert_eq!(resp.text()?, "abc");
    Ok(())
 }
@@ -48,6 +101,20 @@ fn auth_skip_on_options_method(
 #[rstest]
 fn auth_check(
    #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"WRITEABLE", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 403);
    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
 #[rstest]
 fn auth_compact_rules(
    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
@@ -62,7 +129,7 @@ fn auth_check(
 #[rstest]
 fn auth_readonly(
-    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
+    #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
@@ -77,9 +144,26 @@ fn auth_readonly(
    Ok(())
 }
 #[rstest]
 fn auth_forbidden(
    #[with(&["--auth", "user:pass@/:rw,/dir1:-", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    let url = format!("{}dir1/file1", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 403);
    Ok(())
 }
 #[rstest]
 fn auth_nest(
-    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "--auth", "user3:pass3@/dir1:rw", "-A"])]
+    #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "--auth", "user3:pass3@/dir1:rw", "-A"])]
    server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}dir1/file1", server.url());
@@ -108,8 +192,8 @@ fn auth_nest_share(
 }
 #[rstest]
-#[case(server(&["--auth", "user:pass@/:rw", "--auth-method", "basic", "-A"]), "user", "pass")]
+#[case(server(&["--auth", "user:pass@/:rw", "-A"]), "user", "pass")]
-#[case(server(&["--auth", "u1:p1@/:rw", "--auth-method", "basic", "-A"]), "u1", "p1")]
+#[case(server(&["--auth", "u1:p1@/:rw", "-A"]), "u1", "p1")]
 fn auth_basic(
    #[case] server: TestServer,
    #[case] user: &str,
@@ -184,3 +268,66 @@ fn auth_partial_index(
    );
    Ok(())
 }
 #[rstest]
 fn no_auth_propfind_dir(
    #[with(&["--auth", "admin:admin@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let resp = fetch!(b"PROPFIND", server.url()).send()?;
    assert_eq!(resp.status(), 207);
    let body = resp.text()?;
    assert!(body.contains("<D:href>/dir-assets/</D:href>"));
    assert!(body.contains("<D:href>/dir1/</D:href>"));
    Ok(())
 }
 #[rstest]
 fn auth_propfind_dir(
    #[with(&["--auth", "admin:admin@/:rw", "--auth", "user:pass@/dir-assets", "-A"])]
    server: TestServer,
 ) -> Result<(), Error> {
    let resp = fetch!(b"PROPFIND", server.url()).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 207);
    let body = resp.text()?;
    assert!(body.contains("<D:href>/dir-assets/</D:href>"));
    assert!(!body.contains("<D:href>/dir1/</D:href>"));
    Ok(())
 }
 #[rstest]
 fn auth_data(
    #[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let resp = reqwest::blocking::get(server.url())?;
    let content = resp.text()?;
    let json = utils::retrive_json(&content).unwrap();
    assert_eq!(json["allow_delete"], serde_json::Value::Bool(false));
    assert_eq!(json["allow_upload"], serde_json::Value::Bool(false));
    let resp = fetch!(b"GET", server.url())
        .basic_auth("user", Some("pass"))
        .send()?;
    let content = resp.text()?;
    let json = utils::retrive_json(&content).unwrap();
    assert_eq!(json["allow_delete"], serde_json::Value::Bool(true));
    assert_eq!(json["allow_upload"], serde_json::Value::Bool(true));
    Ok(())
 }
 #[rstest]
 fn auth_precedence(
    #[with(&["--auth", "user:pass@/dir1:rw,/dir1/test.txt", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}dir1/test.txt", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 403);
    let url = format!("{}dir1/file1", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
--- a/tests/bind.rs
+++ b/tests/bind.rs
@@ -76,9 +76,7 @@ fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> R
        .collect::<Vec<_>>();
    assert!(!urls.is_empty());
-    for url in urls {
+    reqwest::blocking::get(urls[0])?.error_for_status()?;
        reqwest::blocking::get(url)?.error_for_status()?;
    }
    child.kill()?;
--- a/tests/config.rs
+++ b/tests/config.rs
@@ -0,0 +1,56 @@
 mod fixtures;
 mod utils;
 use assert_cmd::prelude::*;
 use assert_fs::TempDir;
 use diqwest::blocking::WithDigestAuth;
 use fixtures::{port, tmpdir, wait_for_port, Error};
 use rstest::rstest;
 use std::path::PathBuf;
 use std::process::{Command, Stdio};
 #[rstest]
 fn use_config_file(tmpdir: TempDir, port: u16) -> Result<(), Error> {
    let config_path = get_config_path().display().to_string();
    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
        .args(["--config", &config_path])
        .stdout(Stdio::piped())
        .spawn()?;
    wait_for_port(port);
    let url = format!("http://localhost:{port}/dufs/index.html");
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
    let url = format!("http://localhost:{port}/dufs/index.html");
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.text()?, "This is index.html");
    let url = format!("http://localhost:{port}/dufs?simple");
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    let text: String = resp.text().unwrap();
    assert!(text.split('\n').any(|c| c == "dir1/"));
    assert!(!text.split('\n').any(|c| c == "dir3/"));
    assert!(!text.split('\n').any(|c| c == "test.txt"));
    let url = format!("http://localhost:{port}/dufs/dir1/upload.txt");
    let resp = fetch!(b"PUT", &url)
        .body("Hello")
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    child.kill()?;
    Ok(())
 }
 fn get_config_path() -> PathBuf {
    let mut path = std::env::current_dir().expect("Failed to get current directory");
    path.push("tests");
    path.push("data");
    path.push("config.yaml");
    path
 }
--- a/tests/cors.rs
+++ b/tests/cors.rs
@@ -19,15 +19,15 @@ fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
    );
    assert_eq!(
        resp.headers().get("access-control-allow-methods").unwrap(),
-        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
+        "*"
    );
    assert_eq!(
        resp.headers().get("access-control-allow-headers").unwrap(),
-        "Authorization,Destination,Range,Content-Type"
+        "Authorization,*"
    );
    assert_eq!(
        resp.headers().get("access-control-expose-headers").unwrap(),
-        "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition"
+        "Authorization,*"
    );
    Ok(())
 }
--- a/tests/data/config.yaml
+++ b/tests/data/config.yaml
@@ -0,0 +1,9 @@
 bind:
  - 0.0.0.0
 path-prefix: dufs
 hidden:
  - dir3
  - test.txt
 auth: 
  - user:pass@/:rw
 allow-upload: true
--- a/tests/fixtures.rs
+++ b/tests/fixtures.rs
@@ -16,7 +16,14 @@ pub const BIN_FILE: &str = "😀.bin";
 /// File names for testing purpose
 #[allow(dead_code)]
-pub static FILES: &[&str] = &["test.txt", "test.html", "index.html", BIN_FILE];
+pub static FILES: &[&str] = &[
    "test.txt",
    "test.html",
    "index.html",
    #[cfg(not(target_os = "windows"))]
    "file\n1.txt",
    BIN_FILE,
 ];
 /// Directory names for testing directory don't exist
 #[allow(dead_code)]
@@ -46,7 +53,7 @@ pub fn tmpdir() -> TempDir {
    let tmpdir = assert_fs::TempDir::new().expect("Couldn't create a temp dir for tests");
    for file in FILES {
        if *file == BIN_FILE {
-            tmpdir.child(file).write_binary(b"bin\0\0123").unwrap();
+            tmpdir.child(file).write_binary(b"bin\0\x00123").unwrap();
        } else {
            tmpdir
                .child(file)
@@ -58,7 +65,7 @@ pub fn tmpdir() -> TempDir {
        if *directory == DIR_ASSETS {
            tmpdir
                .child(format!("{}{}", directory, "index.html"))
-                .write_str("__ASSERTS_PREFIX__index.js;DATA = __INDEX_DATA__")
+                .write_str("__ASSETS_PREFIX__index.js;DATA = __INDEX_DATA__")
                .unwrap();
        } else {
            for file in FILES {
@@ -68,7 +75,7 @@ pub fn tmpdir() -> TempDir {
                if *file == BIN_FILE {
                    tmpdir
                        .child(format!("{directory}{file}"))
-                        .write_binary(b"bin\0\0123")
+                        .write_binary(b"bin\0\x00123")
                        .unwrap();
                } else {
                    tmpdir
--- a/tests/http.rs
+++ b/tests/http.rs
@@ -40,7 +40,12 @@ fn head_dir_404(server: TestServer) -> Result<(), Error> {
 }
 #[rstest]
-fn get_dir_zip(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+#[case(server(&["--allow-archive"] as &[&str]))]
 #[case(server(&["--allow-archive", "--compress", "none"]))]
 #[case(server(&["--allow-archive", "--compress", "low"]))]
 #[case(server(&["--allow-archive", "--compress", "medium"]))]
 #[case(server(&["--allow-archive", "--compress", "high"]))]
 fn get_dir_zip(#[case] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}?zip", server.url()))?;
    assert_eq!(resp.status(), 200);
    assert_eq!(
@@ -123,6 +128,15 @@ fn get_dir_search3(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    Ok(())
 }
 #[rstest]
 fn get_dir_search4(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}dir1?q=dir1&simple", server.url()))?;
    assert_eq!(resp.status(), 200);
    let text = resp.text().unwrap();
    assert!(text.is_empty());
    Ok(())
 }
 #[rstest]
 fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"HEAD", format!("{}?q={}", server.url(), "test.html")).send()?;
@@ -138,9 +152,7 @@ fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
 #[rstest]
 fn empty_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}?q=", server.url()))?;
-    assert_eq!(resp.status(), 200);
+    assert_resp_paths!(resp);
    let paths = utils::retrieve_index_paths(&resp.text()?);
    assert!(paths.is_empty());
    Ok(())
 }
@@ -195,6 +207,18 @@ fn get_file_emoji_path(server: TestServer) -> Result<(), Error> {
    Ok(())
 }
 #[cfg(not(target_os = "windows"))]
 #[rstest]
 fn get_file_newline_path(server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}file%0A1.txt", server.url()))?;
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("content-disposition").unwrap(),
        "inline; filename=\"file 1.txt\""
    );
    Ok(())
 }
 #[rstest]
 fn get_file_edit(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}index.html?edit", server.url())).send()?;
@@ -226,9 +250,12 @@ fn options_dir(server: TestServer) -> Result<(), Error> {
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("allow").unwrap(),
-        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
+        "GET,HEAD,PUT,OPTIONS,DELETE,PATCH,PROPFIND,COPY,MOVE"
    );
    assert_eq!(
        resp.headers().get("dav").unwrap(),
        "1, 2, 3, sabredav-partialupdate"
    );
    assert_eq!(resp.headers().get("dav").unwrap(), "1,2");
    Ok(())
 }
@@ -306,3 +333,19 @@ fn get_file_content_type(server: TestServer) -> Result<(), Error> {
    );
    Ok(())
 }
 #[rstest]
 fn resumable_upload(#[with(&["--allow-upload"])] server: TestServer) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 201);
    let resp = fetch!(b"PATCH", &url)
        .header("X-Update-Range", "append")
        .body(b"123".to_vec())
        .send()?;
    assert_eq!(resp.status(), 204);
    let resp = reqwest::blocking::get(url)?;
    assert_eq!(resp.status(), 200);
    assert_eq!(resp.text().unwrap(), "abc123");
    Ok(())
 }
--- a/tests/http_logger.rs
+++ b/tests/http_logger.rs
@@ -12,7 +12,7 @@ use std::process::{Command, Stdio};
 #[rstest]
 #[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], false)]
-#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user", "--auth-method", "basic"], true)]
+#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], true)]
 fn log_remote_user(
    tmpdir: TempDir,
    port: u16,
@@ -41,7 +41,7 @@ fn log_remote_user(
    assert_eq!(resp.status(), 200);
-    let mut buf = [0; 1000];
+    let mut buf = [0; 2048];
    let buf_len = stdout.read(&mut buf)?;
    let output = std::str::from_utf8(&buf[0..buf_len])?;
@@ -69,10 +69,12 @@ fn no_log(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error
    let resp = fetch!(b"GET", &format!("http://localhost:{port}")).send()?;
    assert_eq!(resp.status(), 200);
-    let mut buf = [0; 1000];
+    let mut buf = [0; 2048];
    let buf_len = stdout.read(&mut buf)?;
    let output = std::str::from_utf8(&buf[0..buf_len])?;
    assert_eq!(output.lines().last().unwrap(), "");
    child.kill()?;
    Ok(())
 }
--- a/tests/range.rs
+++ b/tests/range.rs
@@ -2,7 +2,7 @@ mod fixtures;
 mod utils;
 use fixtures::{server, Error, TestServer};
-use headers::HeaderValue;
+use reqwest::header::HeaderValue;
 use rstest::rstest;
 #[rstest]
@@ -23,14 +23,10 @@ fn get_file_range_beyond(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
        .header("range", HeaderValue::from_static("bytes=12-20"))
        .send()?;
-    assert_eq!(resp.status(), 206);
+    assert_eq!(resp.status(), 416);
-    assert_eq!(
+    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes */18");
        resp.headers().get("content-range").unwrap(),
        "bytes 12-17/18"
    );
    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
-    assert_eq!(resp.headers().get("content-length").unwrap(), "6");
+    assert_eq!(resp.headers().get("content-length").unwrap(), "0");
    assert_eq!(resp.text()?, "x.html");
    Ok(())
 }
--- a/tests/tls.rs
+++ b/tests/tls.rs
@@ -7,6 +7,8 @@ use predicates::str::contains;
 use reqwest::blocking::ClientBuilder;
 use rstest::rstest;
 use crate::fixtures::port;
 /// Can start the server with TLS and receive encrypted responses.
 #[rstest]
 #[case(server(&[
@@ -33,8 +35,16 @@ fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
 /// Wrong path for cert throws error.
 #[rstest]
 fn wrong_path_cert() -> Result<(), Error> {
    let port = port().to_string();
    Command::cargo_bin("dufs")?
-        .args(["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"])
+        .args([
            "--tls-cert",
            "wrong",
            "--tls-key",
            "tests/data/key.pem",
            "--port",
            &port,
        ])
        .assert()
        .failure()
        .stderr(contains("Failed to access `wrong`"));
@@ -45,8 +55,16 @@ fn wrong_path_cert() -> Result<(), Error> {
 /// Wrong paths for key throws errors.
 #[rstest]
 fn wrong_path_key() -> Result<(), Error> {
    let port = port().to_string();
    Command::cargo_bin("dufs")?
-        .args(["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"])
+        .args([
            "--tls-cert",
            "tests/data/cert.pem",
            "--tls-key",
            "wrong",
            "--port",
            &port,
        ])
        .assert()
        .failure()
        .stderr(contains("Failed to access `wrong`"));
--- a/tests/utils.rs
+++ b/tests/utils.rs
@@ -20,7 +20,7 @@ macro_rules! assert_resp_paths {
 #[macro_export]
 macro_rules! fetch {
    ($method:literal, $url:expr) => {
-        reqwest::blocking::Client::new().request(hyper::Method::from_bytes($method)?, $url)
+        reqwest::blocking::Client::new().request(reqwest::Method::from_bytes($method)?, $url)
    };
 }
@@ -59,7 +59,8 @@ pub fn encode_uri(v: &str) -> String {
    parts.join("/")
 }
-fn retrive_json(content: &str) -> Option<Value> {
+#[allow(dead_code)]
 pub fn retrive_json(content: &str) -> Option<Value> {
    let lines: Vec<&str> = content.lines().collect();
    let line = lines.iter().find(|v| v.contains("DATA ="))?;
    let line_col = line.find("DATA =").unwrap() + 6;
Author	SHA1	Message	Date
sigoden	58a46f7c3a	chore: release v0.39.0 (#345 )	2024-01-11 16:50:25 +08:00
sigoden	ef757281b3	chore: release v0.39.0	2024-01-11 08:31:56 +00:00
sigoden	de0614816a	refactor: propfind with auth no need to list all (#344 )	2024-01-11 16:10:10 +08:00
sigoden	81d2c49e3f	chore: update bug_report issue template	2024-01-11 07:04:44 +00:00
sigoden	ee21894452	feat: supports resumable uploads (#343 )	2024-01-11 14:56:30 +08:00
sigoden	0ac0c048ec	fix: corrupted zip when downloading large folders (#337 )	2024-01-07 10:50:15 +08:00
sigoden	17063454d3	chore: update bug_report issue tempalte	2024-01-05 00:37:41 +00:00
sigoden	af347f9cf0	feat: auth supports forbidden permissions (#329 )	2023-12-23 18:36:46 +08:00
sigoden	006e03ed30	fix: serve files with names containing newline char (#328 )	2023-12-23 15:40:41 +08:00
sigoden	77f86a4c60	fix: auth precedence (#325 )	2023-12-21 17:28:13 +08:00
sigoden	a66f95b39f	chore: log error during connection	2023-12-21 08:08:15 +00:00
sigoden	52506bc01f	refactor: optimize http range parsing and handling (#323 )	2023-12-21 15:46:55 +08:00
sigoden	270cc0cba2	feat: upgrade to hyper 1.0 (#321 )	2023-12-21 14:24:20 +08:00
sigoden	5988442d5c	chore: remove debug print	2023-12-14 11:08:10 +00:00
sigoden	3873f4794a	feat: add `--compress` option (#319 )	2023-12-14 18:59:28 +08:00
plantatorbob	cd84dff87f	fix: upload more than 100 files in directory (#317 )	2023-12-11 18:28:11 +08:00
sigoden	8590f3e841	chore: improve readme	2023-12-09 09:17:36 +00:00
sigoden	44a4ddf973	refactor: change the value name of `--config` (#313 )	2023-12-07 15:14:41 +08:00
sigoden	37800f630d	refactor: change the format of www-authenticate (#312 )	2023-12-07 15:04:14 +08:00
sigoden	5c850256f4	feat: empty search `?q=` list all paths (#311 )	2023-12-07 06:55:17 +08:00
sigoden	0cec573579	chore: release v0.38.0	2023-11-29 07:49:50 +08:00
sigoden	073b098111	feat: ui supports view file (#301 )	2023-11-28 07:14:53 +08:00
sigoden	6ff8b29b69	feat: more flexible config values (#299 )	2023-11-27 04:24:25 +08:00
sigoden	7584fe3d08	feat: deprecate the use of `\|` to separate auth rules (#298 )	2023-11-26 22:15:49 +08:00
sigoden	653cd167d0	feat: password can contain `:` `@` `\|` (#297 )	2023-11-26 20:47:57 +08:00
sigoden	ab29e39148	chore: trivial updates	2023-11-26 15:04:12 +08:00
sigoden	f8d6859354	refactor: ui improve uploading progress (#296 )	2023-11-26 10:23:37 +08:00
sigoden	130435c387	chore: update readme	2023-11-25 19:07:37 +08:00
sigoden	afdfde01f0	fix: unable to start if config file omit bind/port fields (#294 )	2023-11-25 18:54:36 +08:00
sigoden	ae97c714d6	refactor: ui change the cursor for upload-btn to a pointer (#291 )	2023-11-21 16:24:59 +08:00
sigoden	c352dab470	refactor: take improvements from the edge browser (#289 )	2023-11-15 19:44:44 +08:00
sigoden	743db47f90	chore: release v0.37.1	2023-11-08 11:11:36 +08:00
sigoden	a476c15a09	fix: use DUFS_CONFIG to specify the config file path (#286 )	2023-11-08 11:10:47 +08:00
sigoden	0d74fa3ec5	chore: release v0.37.0	2023-11-08 10:41:24 +08:00
sigoden	b83cc6938b	chore: update readme	2023-11-07 22:45:53 +08:00
sigoden	a187b14885	chore: update deps and ci (#284 )	2023-11-04 19:47:13 +08:00
sigoden	d3de3db0d9	feat: support hashed password (#283 )	2023-11-04 18:12:58 +08:00
sigoden	80ac9afe68	refactor: improve code quanity (#282 ) - rename LogHttp to HttpLogger	2023-11-04 17:10:38 +08:00
sigoden	4ef07737e1	feat: support config file with `--config` option (#281 )	2023-11-04 16:58:19 +08:00
sigoden	5782c5f413	chore: update description for `--auth`	2023-11-03 21:08:05 +08:00
sigoden	8b4cab1e69	fix: auto delete half-uploaded files (#280 )	2023-11-03 20:58:53 +08:00
sigoden	70300b133c	feat: deprecate `--auth-method`, as both options are available (#279 ) * feat: deprecate `--auth-method`, both are avaiable * send one www-authenticate with two schemes	2023-11-03 20:36:23 +08:00
sigoden	7ea4bb808d	refactor: optimize tests	2023-11-03 15:25:20 +08:00
sigoden	6766e0d437	fix: ui show user-name next to the user-icon (#278 )	2023-11-03 14:55:07 +08:00
tieway59	53c9bc8bea	refactor: remove one clone on `assets_prefix` (#270 ) This clone is not consist with the usage of `assets_prefix` in following code and it's unnecessary. Signed-off-by: TieWay59 <tieway59@foxmail.com>	2023-10-05 08:50:24 +08:00
sigoden	60df3b473c	fix: sort path ignore case (#264 )	2023-09-06 23:25:04 +08:00
sigoden	6510ae8be9	chore: release v0.36.0	2023-08-24 18:46:30 +08:00
sigoden	9545fb6e37	fix: ui readonly if no write perm (#258 )	2023-08-24 18:32:34 +08:00
sigoden	0fd0f11298	chore: update deps	2023-08-24 16:46:38 +08:00
figsoda	46aa8fcc02	test: remove dependency on native tls (#255 )	2023-08-15 11:01:25 +08:00
sigoden	09bb738866	chore: update changelog	2023-08-15 07:29:02 +08:00
sigoden	3612ef10d1	chore: release 0.35.0 (#254 ) * chore: release 0.35.0 * update release profile	2023-08-15 07:24:22 +08:00
sigoden	7ac2039a36	chore: update deps	2023-08-14 17:31:52 +08:00
sigoden	7f83de765a	fix: typo __ASSERTS_PREFIX__ (#252 )	2023-08-13 15:05:45 +08:00
sigoden	9b3779b13a	chore: update readme close #247	2023-07-20 06:33:17 +08:00
sigoden	11a52f29c4	chore: fix release ci (#244 )	2023-07-15 16:34:22 +08:00
sigoden	10204c723f	chore: fix clippy (#245 )	2023-07-15 16:27:13 +08:00
sigoden	204421643d	chore: update ci (#242 )	2023-07-04 10:25:49 +08:00
sigoden	d9706d75ef	feat: sort by type first, then sort by name/mtime/size (#241 )	2023-07-04 10:10:48 +08:00
sigoden	40df0bd2f9	chore: update readme	2023-06-18 08:55:42 +08:00
sigoden	a53411b4d6	fix: search should ignore entry path (#235 )	2023-06-15 08:28:21 +08:00
ElmTran	609017b2f5	chore: Update README.md (#233 ) update examples on new auth.	2023-06-13 08:23:05 +08:00
sigoden	7dc0b0e218	chore: release v0.34.2	2023-06-05 11:51:56 +08:00
sigoden	6be36b8e51	fix: webdav only see public folder even logging in (#231 )	2023-06-05 11:40:31 +08:00
sigoden	8be545d3da	fix: ui refresh page after login (#230 )	2023-06-03 10:09:02 +08:00
sigoden	4f3a8d275b	chore: release v0.34.1	2023-06-02 19:44:35 +08:00
sigoden	9c412f4276	refactor: ui checkAuth (#226 )	2023-06-02 19:35:30 +08:00
sigoden	27c269d6a0	fix: allow all cors headers and methods (#225 )	2023-06-02 19:07:43 +08:00
sigoden	57b4a74279	fix: auth logic (#224 )	2023-06-02 18:38:59 +08:00