update deps

chore: release v0.40.0
2026-04-09 00:59:02 +03:00 · 2024-02-13 03:16:57 +00:00 · 2024-02-13 01:19:40 +00:00
37 changed files with 1524 additions and 3567 deletions
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -5,24 +5,14 @@ about: Create a report to help us improve
 **Problem**
-<!-- Provide a clear and concise description of the bug you're experiencing. What did you expect to happen, and what actually happened? -->
+<!-- A clear and concise description of what the bug is. -->
 **Configuration**
 <!-- Please specify the Dufs command-line arguments or configuration used. -->
 <!-- If the issue is related to authentication/permissions, include auth configurations while concealing sensitive information (e.g., passwords). -->
 **Log**
-<!-- Attach relevant log outputs that can help diagnose the issue. -->
+The dufs log is crucial for locating the problem, so please do not omit it.
-**Screenshots/Media**
+**Environment:**
 <!-- If applicable, add screenshots or videos that help illustrate the issue, especially for WebUI problems. -->
 **Environment Information**
 - Dufs version:
 - Browser/Webdav info:
 - OS info:
- - Proxy server (if any):  <!-- e.g. nginx, cloudflare -->
+ - Proxy server:  e.g. nginx, cloudflare
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -29,7 +29,7 @@ jobs:
      RUSTFLAGS: --deny warnings
    steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v3
    - name: Install Rust Toolchain Components
      uses: dtolnay/rust-toolchain@stable
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -38,6 +38,14 @@ jobs:
          os: ubuntu-latest
          use-cross: true
          cargo-flags: ""
        - target: i686-unknown-linux-musl
          os: ubuntu-latest
          use-cross: true
          cargo-flags: ""
        - target: i686-pc-windows-msvc
          os: windows-latest
          use-cross: true
          cargo-flags: ""
        - target: armv7-unknown-linux-musleabihf
          os: ubuntu-latest
          use-cross: true
@@ -46,13 +54,28 @@ jobs:
          os: ubuntu-latest
          use-cross: true
          cargo-flags: ""
-
+        - target: mips-unknown-linux-musl
          os: ubuntu-latest
          use-cross: true
          cargo-flags: "--no-default-features"
        - target: mipsel-unknown-linux-musl
          os: ubuntu-latest
          use-cross: true
          cargo-flags: "--no-default-features"
        - target: mips64-unknown-linux-gnuabi64
          os: ubuntu-latest
          use-cross: true
          cargo-flags: "--no-default-features"
        - target: mips64el-unknown-linux-gnuabi64
          os: ubuntu-latest
          use-cross: true
          cargo-flags: "--no-default-features"
    runs-on: ${{matrix.os}}
    env:
      BUILD_CMD: cargo
    steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v3
    - name: Check Tag
      id: check-tag
@@ -71,6 +94,8 @@ jobs:
      uses: dtolnay/rust-toolchain@stable
      with:
        targets: ${{ matrix.target }}
        #  Since rust 1.72, mips platforms are tier 3
        toolchain: 1.71
    - name: Install cross
      if: matrix.use-cross
@@ -130,12 +155,14 @@ jobs:
        fi
    - name: Publish Archive
-      uses: softprops/action-gh-release@v2
+      uses: softprops/action-gh-release@v1
      if: ${{ startsWith(github.ref, 'refs/tags/') }}
      with:
        draft: false
        files: ${{ steps.package.outputs.archive }}
        prerelease: ${{ steps.check-tag.outputs.rc == 'true' }}
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  docker:
    name: Publish to Docker Hub
@@ -144,18 +171,17 @@ jobs:
    needs: release
    steps:
      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v2
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v2
      - name: Login to DockerHub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
        with:
-          username: ${{ github.repository_owner	}}
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v4
        with:
          file: Dockerfile-release
          build-args: |
            REPO=${{ github.repository }}
            VER=${{ github.ref_name }}
@@ -173,7 +199,7 @@ jobs:
    runs-on: ubuntu-latest
    needs: release
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
      - uses: dtolnay/rust-toolchain@stable
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,125 +2,6 @@
 All notable changes to this project will be documented in this file.
 ## [0.46.0] - 2026-03-04
 ### Bug Fixes
 - Some search results missing due to broken symlinks ([#665](https://github.com/sigoden/dufs/issues/665))
 - Escape filename in ?simple output ([#669](https://github.com/sigoden/dufs/issues/669))
 - Ensure symlink inside serve root ([#670](https://github.com/sigoden/dufs/issues/670))
 ### Features
 - Add option --allow-hash to allow/disallow file hashing ([#657](https://github.com/sigoden/dufs/issues/657))
 ### Refactor
 - Update deps ([#655](https://github.com/sigoden/dufs/issues/655))
 - Improve UI button titles ([#656](https://github.com/sigoden/dufs/issues/656))
 ## [0.45.0] - 2025-09-03
 ### Bug Fixes
 - Perms on `dufs -A -a @/:ro` ([#619](https://github.com/sigoden/dufs/issues/619))
 - Login btn does not work for readonly anonymous ([#620](https://github.com/sigoden/dufs/issues/620))
 - Verify token length ([#627](https://github.com/sigoden/dufs/issues/627))
 ### Features
 - Make dir urls inherit `?noscript` params ([#614](https://github.com/sigoden/dufs/issues/614))
 - Log decoded uri ([#615](https://github.com/sigoden/dufs/issues/615))
 ## [0.44.0] - 2025-08-02
 ### Bug Fixes
 - No authentication check if no auth users ([#497](https://github.com/sigoden/dufs/issues/497))
 - Webui can't handle hash property of URL well ([#515](https://github.com/sigoden/dufs/issues/515))
 - Incorrect dir size due to hidden files ([#529](https://github.com/sigoden/dufs/issues/529))
 - Webui formatDirSize ([#568](https://github.com/sigoden/dufs/issues/568))
 - Follow symlinks when searching/archiving ([#572](https://github.com/sigoden/dufs/issues/572))
 - Incorrect separator for zip archives under windows ([#577](https://github.com/sigoden/dufs/issues/577))
 - Unexpected public auth asking for login info ([#583](https://github.com/sigoden/dufs/issues/583))
 ### Features
 - Higher perm auth path shadows lower one ([#521](https://github.com/sigoden/dufs/issues/521))
 - Add cache-control:no-cache while sending file and index ([#528](https://github.com/sigoden/dufs/issues/528))
 - Support multipart ranges ([#535](https://github.com/sigoden/dufs/issues/535))
 - Limit sub directory item counting ([#556](https://github.com/sigoden/dufs/issues/556))
 - Tolerate the absence of mtime ([#559](https://github.com/sigoden/dufs/issues/559))
 - Support noscript fallback ([#602](https://github.com/sigoden/dufs/issues/602))
 - Support  downloading via token auth ([#603](https://github.com/sigoden/dufs/issues/603))
 ### Refactor
 - Change description for `--allow-archive` ([#511](https://github.com/sigoden/dufs/issues/511))
 - Removes clippy warnings ([#601](https://github.com/sigoden/dufs/issues/601))
 - Update deps ([#604](https://github.com/sigoden/dufs/issues/604))
 - Fix typos ([#605](https://github.com/sigoden/dufs/issues/605))
 ## [0.43.0] - 2024-11-04
 ### Bug Fixes
 - Auth failed if password contains `:` ([#449](https://github.com/sigoden/dufs/issues/449))
 - Resolve speed bottleneck in 10G network ([#451](https://github.com/sigoden/dufs/issues/451))
 ### Features
 - Webui displays subdirectory items ([#457](https://github.com/sigoden/dufs/issues/457))
 - Support binding abstract unix socket ([#468](https://github.com/sigoden/dufs/issues/468))
 - Provide healthcheck API ([#474](https://github.com/sigoden/dufs/issues/474))
 ### Refactor
 - Do not show size for Dir ([#447](https://github.com/sigoden/dufs/issues/447))
 ## [0.42.0] - 2024-09-01
 ### Bug Fixes
 - Garbled characters caused by atob ([#422](https://github.com/sigoden/dufs/issues/422))
 - Webui unexpected save-btn when file is non-editable ([#429](https://github.com/sigoden/dufs/issues/429))
 - Login succeeded but popup `Forbidden` ([#437](https://github.com/sigoden/dufs/issues/437))
 ### Features
 - Implements remaining http cache conditionalss ([#407](https://github.com/sigoden/dufs/issues/407))
 - Base64 index-data to avoid misencoding ([#421](https://github.com/sigoden/dufs/issues/421))
 - Webui support logout ([#439](https://github.com/sigoden/dufs/issues/439))
 ### Refactor
 - No inline scripts in HTML ([#391](https://github.com/sigoden/dufs/issues/391))
 - Return 400 for propfind request when depth is neither 0 nor 1 ([#403](https://github.com/sigoden/dufs/issues/403))
 - Remove sabredav-partialupdate from DAV res header ([#415](https://github.com/sigoden/dufs/issues/415))
 - Date formatting in cache tests ([#428](https://github.com/sigoden/dufs/issues/428))
 - Some query params work as flag and must not accept a value ([#431](https://github.com/sigoden/dufs/issues/431))
 - Improve logout at asserts/index.js ([#440](https://github.com/sigoden/dufs/issues/440))
 - Make logout works on safari ([#442](https://github.com/sigoden/dufs/issues/442))
 ## [0.41.0] - 2024-05-22
 ### Bug Fixes
 - Timestamp format of getlastmodified in dav xml ([#366](https://github.com/sigoden/dufs/issues/366))
 - Strange issue that occurs only on Microsoft WebDAV ([#382](https://github.com/sigoden/dufs/issues/382))
 - Head div overlap main contents when wrap ([#386](https://github.com/sigoden/dufs/issues/386))
 ### Features
 - Tls handshake timeout ([#368](https://github.com/sigoden/dufs/issues/368))
 - Add api to get the hash of a file ([#375](https://github.com/sigoden/dufs/issues/375))
 - Add log-file option ([#383](https://github.com/sigoden/dufs/issues/383))
 ### Refactor
 - Digest_auth related tests ([#372](https://github.com/sigoden/dufs/issues/372))
 - Add fixed-width numerals to date and size on file list page ([#378](https://github.com/sigoden/dufs/issues/378))
 ## [0.40.0] - 2024-02-13
 ### Bug Fixes
@@ -204,7 +85,7 @@ All notable changes to this project will be documented in this file.
 - Remove one clone on `assets_prefix` ([#270](https://github.com/sigoden/dufs/issues/270))
 - Optimize tests
- Improve code quality ([#282](https://github.com/sigoden/dufs/issues/282))
+- Improve code quanity ([#282](https://github.com/sigoden/dufs/issues/282))
 ## [0.36.0] - 2023-08-24
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "dufs"
-version = "0.46.0"
+version = "0.40.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
 description = "Dufs is a distinctive utility file server"
@@ -11,28 +11,29 @@ categories = ["command-line-utilities", "web-programming::http-server"]
 keywords = ["static", "file", "server", "webdav", "cli"]
 [dependencies]
-clap = { version = "4.5", features = ["wrap_help", "env"] }
+clap = { version = "~4.4", features = ["wrap_help", "env"] }
-clap_complete = "4.5"
+clap_complete = "~4.4"
 chrono = { version = "0.4", default-features = false, features = ["clock"] }
-tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal", "net"]}
+tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
 tokio-util = { version = "0.7",  features = ["io-util", "compat"] }
-hyper = { version = "1", features = ["http1", "server"] }
+hyper = { version = "1.0", features = ["http1", "server"] }
 percent-encoding = "2.3"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 futures-util = { version = "0.3", default-features = false, features = ["alloc"] }
-async_zip = { version = "0.0.18", default-features = false, features = ["deflate", "bzip2", "xz", "chrono", "tokio"] }
+async_zip = { version = "0.0.16", default-features = false, features = ["deflate", "bzip2", "xz", "chrono", "tokio"] }
 headers = "0.4"
 mime_guess = "2.0"
-if-addrs = "0.15"
+if-addrs = "0.11"
-tokio-rustls = { version = "0.26", optional = true }
+rustls-pemfile = { version = "2.0", optional = true }
-md5 = "0.8"
+tokio-rustls = { version = "0.25", optional = true }
 md5 = "0.7"
 lazy_static = "1.4"
 uuid = { version = "1.7", features = ["v4", "fast-rng"] }
 urlencoding = "2.1"
-xml-rs = "1.0.0"
+xml-rs = "0.8"
-log = { version = "0.4", features = ["std"] }
+log = "0.4"
-socket2 = "0.6"
+socket2 = "0.5"
 async-stream = "0.3"
 walkdir = "2.3"
 form_urlencoded = "1.2"
@@ -44,31 +45,28 @@ glob = "0.3"
 indexmap = "2.2"
 serde_yaml = "0.9"
 sha-crypt = "0.5"
-base64 = "0.22"
+base64 = "0.21"
 smart-default = "0.7"
 rustls-pki-types = "1.2"
 hyper-util = { version = "0.1", features = ["server-auto", "tokio"] }
 http-body-util = "0.1"
 bytes = "1.5"
 pin-project-lite = "0.2"
 sha2 = "0.10.8"
 ed25519-dalek = "2.2.0"
 hex = "0.4.3"
 [features]
 default = ["tls"]
-tls = ["tokio-rustls"]
+tls = ["rustls-pemfile", "tokio-rustls"]
 [dev-dependencies]
 assert_cmd = "2"
-reqwest = { version = "0.13", features = ["blocking", "multipart", "rustls"], default-features = false }
+reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"], default-features = false }
 assert_fs = "1"
-port_check = "0.3"
+port_check = "0.1"
-rstest = "0.26.1"
+rstest = "0.18"
 regex = "1"
 url = "2"
 diqwest = { version = "2.0", features = ["blocking"], default-features = false }
 predicates = "3"
 digest_auth = "0.3.1"
 [profile.release]
 opt-level = 3
--- a/23
+++ b/23
@@ -1,12 +1,17 @@
-FROM --platform=linux/amd64 messense/rust-musl-cross:x86_64-musl AS amd64
+FROM alpine as builder
-COPY . .
+ARG REPO VER TARGETPLATFORM
-RUN cargo install --path . --root /
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ 
-
+        TARGET="x86_64-unknown-linux-musl"; \
-FROM --platform=linux/amd64 messense/rust-musl-cross:aarch64-musl AS arm64
+    elif [  "$TARGETPLATFORM" = "linux/arm64" ]; then \
-COPY . .
+        TARGET="aarch64-unknown-linux-musl"; \
-RUN cargo install --path . --root /
+    elif [  "$TARGETPLATFORM" = "linux/386" ]; then \
-
+        TARGET="i686-unknown-linux-musl"; \
-FROM ${TARGETARCH} AS builder
+    elif [  "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
        TARGET="armv7-unknown-linux-musleabihf"; \
    fi && \
    wget https://github.com/${REPO}/releases/download/${VER}/dufs-${VER}-${TARGET}.tar.gz && \
    tar -xf dufs-${VER}-${TARGET}.tar.gz && \
    mv dufs /bin/
 FROM scratch
 COPY --from=builder /bin/dufs /bin/dufs
--- a/19
+++ b/19
@@ -1,19 +0,0 @@
 FROM alpine as builder
 ARG REPO VER TARGETPLATFORM
 RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ 
        TARGET="x86_64-unknown-linux-musl"; \
    elif [  "$TARGETPLATFORM" = "linux/arm64" ]; then \
        TARGET="aarch64-unknown-linux-musl"; \
    elif [  "$TARGETPLATFORM" = "linux/386" ]; then \
        TARGET="i686-unknown-linux-musl"; \
    elif [  "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
        TARGET="armv7-unknown-linux-musleabihf"; \
    fi && \
    wget https://github.com/${REPO}/releases/download/${VER}/dufs-${VER}-${TARGET}.tar.gz && \
    tar -xf dufs-${VER}-${TARGET}.tar.gz && \
    mv dufs /bin/
 FROM scratch
 COPY --from=builder /bin/dufs /bin/dufs
 STOPSIGNAL SIGINT
 ENTRYPOINT ["/bin/dufs"]
--- a/README.md
+++ b/README.md
@@ -2,7 +2,6 @@
 [![CI](https://github.com/sigoden/dufs/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/dufs/actions/workflows/ci.yaml)
 [![Crates](https://img.shields.io/crates/v/dufs.svg)](https://crates.io/crates/dufs)
 [![Docker Pulls](https://img.shields.io/docker/pulls/sigoden/dufs)](https://hub.docker.com/r/sigoden/dufs)
 Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
@@ -31,7 +30,7 @@ cargo install dufs
 ### With docker
 ```
-docker run -v `pwd`:/data -p 5000:5000 --rm sigoden/dufs /data -A
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data -A
 ```
 ### With [Homebrew](https://brew.sh)
@@ -66,15 +65,13 @@ Options:
      --allow-delete         Allow delete files/folders
      --allow-search         Allow search files/folders
      --allow-symlink        Allow symlink to files/folders outside root directory
-      --allow-archive        Allow download folders as archive file
+      --allow-archive        Allow zip archive generation
      --allow-hash           Allow ?hash query to get file sha256 hash
      --enable-cors          Enable CORS, sets `Access-Control-Allow-Origin: *`
      --render-index         Serve index.html when requesting a directory, returns 404 if not found index.html
      --render-try-index     Serve index.html when requesting a directory, returns directory listing if not found index.html
      --render-spa           Serve SPA(Single Page Application)
      --assets <path>        Set the path to the assets directory for overriding the built-in assets
      --log-format <format>  Customize http log format
      --log-file <file>      Specify the file to save logs to, other than stdout/stderr
      --compress <level>     Set zip compress level [default: low] [possible values: none, low, medium, high]
      --completions <shell>  Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
      --tls-cert <path>      Path to an SSL/TLS certificate to serve with HTTPS
@@ -160,8 +157,7 @@ curl -T path-to-file http://127.0.0.1:5000/new-path/path-to-file
 Download a file
 ```sh
-curl http://127.0.0.1:5000/path-to-file           # download the file
+curl http://127.0.0.1:5000/path-to-file
 curl http://127.0.0.1:5000/path-to-file?hash      # retrieve the sha256 hash of the file
 ```
 Download a folder as zip file
@@ -179,13 +175,13 @@ curl -X DELETE http://127.0.0.1:5000/path-to-file-or-folder
 Create a directory
 ```sh
-curl -X MKCOL http://127.0.0.1:5000/path-to-folder
+curl -X MKCOL https://127.0.0.1:5000/path-to-folder
 ```
 Move the file/folder to the new path
 ```sh
-curl -X MOVE http://127.0.0.1:5000/path -H "Destination: http://127.0.0.1:5000/new-path"
+curl -X MOVE https://127.0.0.1:5000/path -H "Destination: https://127.0.0.1:5000/new-path"
 ```
 List/search directory contents
@@ -217,14 +213,8 @@ dd skip=$upload_offset if=file status=none ibs=1 | \
  curl -X PATCH -H "X-Update-Range: append" --data-binary @- http://127.0.0.1:5000/file
 ```
 Health checks
 ```sh
 curl http://127.0.0.1:5000/__dufs__/health
 ```
 <details>
-<summary><h2>Advanced Topics</h2></summary>
+<summary><h2>Advanced topics</h2></summary>
 ### Access Control
@@ -245,25 +235,24 @@ dufs -a user:pass@/:rw,/dir1 -a @/
 - `-a user:pass@/:rw,/dir1`: `user` has read-write permissions for `/*`, has read-only permissions for `/dir1/*`.
 - `-a @/`: All paths is publicly accessible, everyone can view/download it.
-**Auth permissions are restricted by dufs global permissions.** If dufs does not enable upload permissions via `--allow-upload`, then the account will not have upload permissions even if it is granted `read-write`(`:rw`) permissions.
+> There are no restrictions on using ':' and '@' characters in a password. For example, `user:pa:ss@1@/:rw` is valid, the password is `pa:ss@1`.
 #### Hashed Password
 DUFS supports the use of sha-512 hashed password.
-Create hashed password:
+Create hashed password
-```sh
+```
-$ openssl passwd -6 123456 # or `mkpasswd -m sha-512 123456`
+$ mkpasswd  -m sha-512 -s
-$6$tWMB51u6Kb2ui3wd$5gVHP92V9kZcMwQeKTjyTRgySsYJu471Jb1I6iHQ8iZ6s07GgCIO69KcPBRuwPE5tDq05xMAzye0NxVKuJdYs/
+Password: 123456 
 $6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/
 ```
-Use hashed password:
+Use hashed password
-
+```
-```sh
+dufs -a 'admin:$6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/@/:rw'
 dufs -a 'admin:$6$tWMB51u6Kb2ui3wd$5gVHP92V9kZcMwQeKTjyTRgySsYJu471Jb1I6iHQ8iZ6s07GgCIO69KcPBRuwPE5tDq05xMAzye0NxVKuJdYs/@/:rw'
 ```
 > The hashed password contains `$6`, which can expand to a variable in some shells, so you have to use **single quotes** to wrap it.
 Two important things for hashed passwords:
@@ -338,7 +327,7 @@ All options can be set using environment variables prefixed with `DUFS_`.
    --config <file>         DUFS_CONFIG=config.yaml
 -b, --bind <addrs>          DUFS_BIND=0.0.0.0
 -p, --port <port>           DUFS_PORT=5000
-    --path-prefix <path>    DUFS_PATH_PREFIX=/dufs
+    --path-prefix <path>    DUFS_PATH_PREFIX=/static
    --hidden <value>        DUFS_HIDDEN=tmp,*.log,*.lock
 -a, --auth <rules>          DUFS_AUTH="admin:admin@/:rw|@/" 
 -A, --allow-all             DUFS_ALLOW_ALL=true
@@ -347,15 +336,13 @@ All options can be set using environment variables prefixed with `DUFS_`.
    --allow-search          DUFS_ALLOW_SEARCH=true
    --allow-symlink         DUFS_ALLOW_SYMLINK=true
    --allow-archive         DUFS_ALLOW_ARCHIVE=true
    --allow-hash            DUFS_ALLOW_HASH=true
    --enable-cors           DUFS_ENABLE_CORS=true
    --render-index          DUFS_RENDER_INDEX=true
    --render-try-index      DUFS_RENDER_TRY_INDEX=true
    --render-spa            DUFS_RENDER_SPA=true
-    --assets <path>         DUFS_ASSETS=./assets
+    --assets <path>         DUFS_ASSETS=/assets
    --log-format <format>   DUFS_LOG_FORMAT=""
-    --log-file <file>       DUFS_LOG_FILE=./dufs.log
+    --compress <compress>   DUFS_COMPRESS="low"
    --compress <compress>   DUFS_COMPRESS=low
    --tls-cert <path>       DUFS_TLS_CERT=cert.pem
    --tls-key <path>        DUFS_TLS_KEY=key.pem
 ```
@@ -385,14 +372,12 @@ allow-delete: true
 allow-search: true
 allow-symlink: true
 allow-archive: true
 allow-hash: true
 enable-cors: true
 render-index: true
 render-try-index: true
 render-spa: true
 assets: ./assets/
 log-format: '$remote_addr "$request" $status $http_user_agent'
 log-file: ./dufs.log
 compress: low
 tls-cert: tests/data/cert.pem
 tls-key: tests/data/key_pkcs1.pem
@@ -406,8 +391,6 @@ Dufs allows users to customize the UI with your own assets.
 dufs --assets my-assets-dir/
 ```
 > If you only need to make slight adjustments to the current UI, you copy dufs's [assets](https://github.com/sigoden/dufs/tree/main/assets) directory and modify it accordingly. The current UI doesn't use any frameworks, just plain HTML/JS/CSS. As long as you have some basic knowledge of web development, it shouldn't be difficult to modify.
 Your assets folder must contains a `index.html` file.
 `index.html` can use the following placeholder variables to retrieve internal data.
--- a/assets/favicon.ico
+++ b/assets/favicon.ico
--- a/assets/index.css
+++ b/assets/index.css
@@ -6,7 +6,7 @@ html {
 body {
  /* prevent premature breadcrumb wrapping on mobile */
-  min-width: 538px;
+  min-width: 500px;
  margin: 0;
 }
@@ -19,15 +19,14 @@ body {
  flex-wrap: wrap;
  align-items: center;
  padding: 0.6em 1em;
-  position: sticky;
+  position: fixed;
-  top: 0;
+  width: 100%;
  background-color: white;
 }
 .breadcrumb {
  font-size: 1.25em;
  padding-right: 0.6em;
  word-break: break-all;
 }
 .breadcrumb>a {
@@ -109,7 +108,7 @@ body {
 }
 .main {
-  padding: 0 1em;
+  padding: 3.3em 1em 0;
 }
 .empty-folder {
@@ -154,20 +153,18 @@ body {
 .paths-table .cell-actions {
  width: 90px;
  display: flex;
-  padding-left: 0.5em;
+  padding-left: 0.6em;
 }
 .paths-table .cell-mtime {
  width: 120px;
-  padding-left: 0.5em;
+  padding-left: 0.6em;
  font-variant-numeric: tabular-nums;
 }
 .paths-table .cell-size {
  text-align: right;
  width: 70px;
-  padding-left: 0.5em;
+  padding-left: 0.6em;
  font-variant-numeric: tabular-nums;
 }
 .path svg {
@@ -189,7 +186,7 @@ body {
  display: block;
  text-decoration: none;
  max-width: calc(100vw - 375px);
-  min-width: 170px;
+  min-width: 200px;
 }
 .path a:hover {
@@ -222,18 +219,13 @@ body {
  margin-right: 2em;
 }
 .login-btn {
  cursor: pointer;
 }
 .save-btn {
  cursor: pointer;
  -webkit-user-select: none;
  user-select: none;
 }
-.logout-btn {
+.user-btn {
  cursor: pointer;
    display: flex;
    align-items: center;
 }
--- a/assets/index.html
+++ b/assets/index.html
@@ -4,11 +4,12 @@
 <head>
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width" />
  <noscript>
    <meta http-equiv="refresh" content="0; url=?noscript">
  </noscript>
  <link rel="icon" type="image/x-icon" href="__ASSETS_PREFIX__favicon.ico">
  <link rel="stylesheet" href="__ASSETS_PREFIX__index.css">
  <script>
    DATA = __INDEX_DATA__
  </script>
  <script src="__ASSETS_PREFIX__index.js"></script>
 </head>
 <body>
@@ -23,7 +24,7 @@
            d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z" />
        </svg>
      </a>
-      <div class="control move-file hidden" title="Move & Rename">
+      <div class="control move-file hidden" title="Move to new path">
        <svg class="icon-move" width="16" height="16" viewBox="0 0 16 16">
          <path fill-rule="evenodd"
            d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z">
@@ -38,7 +39,7 @@
            d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z" />
        </svg>
      </div>
-      <div class="control upload-file hidden" title="Upload files/folders">
+      <div class="control upload-file hidden" title="Upload files">
        <label for="file">
          <svg width="16" height="16" viewBox="0 0 16 16">
            <path
@@ -47,7 +48,7 @@
              d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z" />
          </svg>
        </label>
-        <input type="file" id="file" title="Upload files/folders" name="file" multiple>
+        <input type="file" id="file" title="Upload files" name="file" multiple>
      </div>
      <div class="control new-folder hidden" title="New folder">
        <svg width="16" height="16" viewBox="0 0 16 16">
@@ -73,12 +74,11 @@
            d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
        </svg>
      </div>
-      <input id="search" title="Searching for folders or files" name="q" type="text" maxlength="128" autocomplete="off"
+      <input id="search" title="Searching for folders or files" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
        tabindex="1">
      <input type="submit" hidden />
    </form>
    <div class="toolbox-right">
-      <div class="login-btn hidden" title="Login">
+      <div class="login-btn hidden" title="Login for upload/move/delete/edit permissions">
        <svg width="16" height="16" viewBox="0 0 16 16">
          <path fill-rule="evenodd"
            d="M6 3.5a.5.5 0 0 1 .5-.5h8a.5.5 0 0 1 .5.5v9a.5.5 0 0 1-.5.5h-8a.5.5 0 0 1-.5-.5v-2a.5.5 0 0 0-1 0v2A1.5 1.5 0 0 0 6.5 14h8a1.5 1.5 0 0 0 1.5-1.5v-9A1.5 1.5 0 0 0 14.5 2h-8A1.5 1.5 0 0 0 5 3.5v2a.5.5 0 0 0 1 0v-2z" />
@@ -86,10 +86,10 @@
            d="M11.854 8.354a.5.5 0 0 0 0-.708l-3-3a.5.5 0 1 0-.708.708L10.293 7.5H1.5a.5.5 0 0 0 0 1h8.793l-2.147 2.146a.5.5 0 0 0 .708.708l3-3z" />
        </svg>
      </div>
-      <div class="logout-btn hidden" title="Logout">
+      <div class="user-btn hidden">
        <svg width="16" height="16" viewBox="0 0 16 16">
-          <path fill-rule="evenodd" d="M10 3.5a.5.5 0 0 0-.5-.5h-8a.5.5 0 0 0-.5.5v9a.5.5 0 0 0 .5.5h8a.5.5 0 0 0 .5-.5v-2a.5.5 0 0 1 1 0v2A1.5 1.5 0 0 1 9.5 14h-8A1.5 1.5 0 0 1 0 12.5v-9A1.5 1.5 0 0 1 1.5 2h8A1.5 1.5 0 0 1 11 3.5v2a.5.5 0 0 1-1 0z"/>
+          <path
-          <path fill-rule="evenodd" d="M4.146 8.354a.5.5 0 0 1 0-.708l3-3a.5.5 0 1 1 .708.708L5.707 7.5H14.5a.5.5 0 0 1 0 1H5.707l2.147 2.146a.5.5 0 0 1-.708.708z"/>
+            d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z" />
        </svg>
        <span class="user-name"></span>
      </div>
@@ -125,8 +125,9 @@
      <textarea id="editor" class="editor hidden" aria-label="Editor" cols="10"></textarea>
    </div>
  </div>
-  <template id="index-data">__INDEX_DATA__</template>
+  <script>
-  <script src="__ASSETS_PREFIX__index.js"></script>
+    window.addEventListener("DOMContentLoaded", ready);
  </script>
 </body>
 </html>
--- a/assets/index.js
+++ b/assets/index.js
@@ -29,11 +29,6 @@ var DUFS_MAX_UPLOADINGS = 1;
 */
 var DATA;
 /**
 * @type {string}
 */
 var DIR_EMPTY_NOTE;
 /**
 * @type {PARAMS}
 * @typedef {object} PARAMS
@@ -50,7 +45,7 @@ const IFRAME_FORMATS = [
  ".mp3", ".ogg", ".wav", ".m4a",
 ];
-const MAX_SUBPATHS_COUNT = 1000;
+const dirEmptyNote = PARAMS.q ? 'No results' : DATA.dir_exists ? 'Empty folder' : 'Folder will be created when a file is uploaded';
 const ICONS = {
  dir: `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM6 4H1V3h5v1z"></path></svg>`,
@@ -96,61 +91,44 @@ let $editor;
 /**
 * @type Element
 */
-let $loginBtn;
+let $userBtn;
 /**
 * @type Element
 */
 let $logoutBtn;
 /**
 * @type Element
 */
 let $userName;
-// Produce table when window loads
+function ready() {
-window.addEventListener("DOMContentLoaded", async () => {
+  $pathsTable = document.querySelector(".paths-table")
  const $indexData = document.getElementById('index-data');
  if (!$indexData) {
    alert("No data");
    return;
  }
  DATA = JSON.parse(decodeBase64($indexData.innerHTML));
  DIR_EMPTY_NOTE = PARAMS.q ? 'No results' : DATA.dir_exists ? 'Empty folder' : 'Folder will be created when a file is uploaded';
  await ready();
 });
 async function ready() {
  $pathsTable = document.querySelector(".paths-table");
  $pathsTableHead = document.querySelector(".paths-table thead");
  $pathsTableBody = document.querySelector(".paths-table tbody");
  $uploadersTable = document.querySelector(".uploaders-table");
  $emptyFolder = document.querySelector(".empty-folder");
  $editor = document.querySelector(".editor");
-  $loginBtn = document.querySelector(".login-btn");
+  $userBtn = document.querySelector(".user-btn");
  $logoutBtn = document.querySelector(".logout-btn");
  $userName = document.querySelector(".user-name");
  addBreadcrumb(DATA.href, DATA.uri_prefix);
-  if (DATA.kind === "Index") {
+  if (DATA.kind == "Index") {
    document.title = `Index of ${DATA.href} - Dufs`;
    document.querySelector(".index-page").classList.remove("hidden");
-    await setupIndexPage();
+    setupIndexPage();
-  } else if (DATA.kind === "Edit") {
+
  } else if (DATA.kind == "Edit") {
    document.title = `Edit ${DATA.href} - Dufs`;
-    document.querySelector(".editor-page").classList.remove("hidden");
+    document.querySelector(".editor-page").classList.remove("hidden");;
-    await setupEditorPage();
+    setupEditorPage();
-  } else if (DATA.kind === "View") {
+  } else if (DATA.kind == "View") {
    document.title = `View ${DATA.href} - Dufs`;
-    document.querySelector(".editor-page").classList.remove("hidden");
+    document.querySelector(".editor-page").classList.remove("hidden");;
-    await setupEditorPage();
+    setupEditorPage();
  }
 }
 class Uploader {
  /**
   *
@@ -244,16 +222,16 @@ class Uploader {
      uploadOffset = parseInt(value) || 0;
    }
    this.uploadOffset = uploadOffset;
-    this.ajax();
+    this.ajax()
  }
  progress(event) {
    const now = Date.now();
    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
-    const [speedValue, speedUnit] = formatFileSize(speed);
+    const [speedValue, speedUnit] = formatSize(speed);
    const speedText = `${speedValue} ${speedUnit}/s`;
    const progress = formatPercent(((event.loaded + this.uploadOffset) / this.file.size) * 100);
-    const duration = formatDuration((event.total - event.loaded) / speed);
+    const duration = formatDuration((event.total - event.loaded) / speed)
    this.$uploadStatus.innerHTML = `<span style="width: 80px;">${speedText}</span><span>${progress} ${duration}</span>`;
    this.uploaded = event.loaded;
    this.lastUptime = now;
@@ -297,7 +275,7 @@ Uploader.runQueue = async () => {
  if (!Uploader.auth) {
    Uploader.auth = true;
    try {
-      await checkAuth();
+      await checkAuth()
    } catch {
      Uploader.auth = false;
    }
@@ -342,12 +320,11 @@ function addBreadcrumb(href, uri_prefix) {
  }
 }
-async function setupIndexPage() {
+function setupIndexPage() {
  if (DATA.allow_archive) {
    const $download = document.querySelector(".download");
    $download.href = baseUrl() + "?zip";
    $download.title = "Download folder as a .zip file";
    $download.classList.add("dlwt");
    $download.classList.remove("hidden");
  }
@@ -359,19 +336,15 @@ async function setupIndexPage() {
  }
  if (DATA.auth) {
-    await setupAuth();
+    setupAuth();
  }
  if (DATA.allow_search) {
-    setupSearch();
+    setupSearch()
  }
  renderPathsTableHead();
  renderPathsTableBody();
  if (DATA.user) {
    setupDownloadWithToken();
  }
 }
 /**
@@ -430,7 +403,7 @@ function renderPathsTableBody() {
      addPath(DATA.paths[i], i);
    }
  } else {
-    $emptyFolder.textContent = DIR_EMPTY_NOTE;
+    $emptyFolder.textContent = dirEmptyNote;
    $emptyFolder.classList.remove("hidden");
  }
 }
@@ -442,7 +415,7 @@ function renderPathsTableBody() {
 */
 function addPath(file, index) {
  const encodedName = encodedStr(file.name);
-  let url = newUrl(file.name);
+  let url = newUrl(file.name)
  let actionDelete = "";
  let actionDownload = "";
  let actionMove = "";
@@ -454,18 +427,18 @@ function addPath(file, index) {
    if (DATA.allow_archive) {
      actionDownload = `
      <div class="action-btn">
-        <a class="dlwt" href="${url}?zip" title="Download folder as a .zip file" download>${ICONS.download}</a>
+        <a href="${url}?zip" title="Download folder as a .zip file">${ICONS.download}</a>
      </div>`;
    }
  } else {
    actionDownload = `
    <div class="action-btn" >
-      <a class="dlwt" href="${url}" title="Download file" download>${ICONS.download}</a>
+      <a href="${url}" title="Download file" download>${ICONS.download}</a>
    </div>`;
  }
  if (DATA.allow_delete) {
    if (DATA.allow_upload) {
-      actionMove = `<div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move & Rename">${ICONS.move}</div>`;
+      actionMove = `<div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move to new path">${ICONS.move}</div>`;
      if (!isDir) {
        actionEdit = `<a class="action-btn" title="Edit file" target="_blank" href="${url}?edit">${ICONS.edit}</a>`;
      }
@@ -483,9 +456,7 @@ function addPath(file, index) {
    ${actionMove}
    ${actionDelete}
    ${actionEdit}
-  </td>`;
+  </td>`
  let sizeDisplay = isDir ? formatDirSize(file.size) : formatFileSize(file.size).join(" ");
  $pathsTableBody.insertAdjacentHTML("beforeend", `
 <tr id="addPath${index}">
@@ -496,9 +467,9 @@ function addPath(file, index) {
    <a href="${url}" ${isDir ? "" : `target="_blank"`}>${encodedName}</a>
  </td>
  <td class="cell-mtime">${formatMtime(file.mtime)}</td>
-  <td class="cell-size">${sizeDisplay}</td>
+  <td class="cell-size">${formatSize(file.size).join(" ")}</td>
  ${actionCell}
-</tr>`);
+</tr>`)
 }
 function setupDropzone() {
@@ -510,7 +481,7 @@ function setupDropzone() {
  });
  document.addEventListener("drop", async e => {
    if (!e.dataTransfer.items[0].webkitGetAsEntry) {
-      const files = Array.from(e.dataTransfer.files).filter(v => v.size > 0);
+      const files = e.dataTransfer.files.filter(v => v.size > 0);
      for (const file of files) {
        new Uploader(file, []).upload();
      }
@@ -520,52 +491,27 @@ function setupDropzone() {
      for (let i = 0; i < len; i++) {
        entries.push(e.dataTransfer.items[i].webkitGetAsEntry());
      }
-      addFileEntries(entries, []);
+      addFileEntries(entries, [])
    }
  });
 }
-async function setupAuth() {
+function setupAuth() {
  if (DATA.user) {
-    $logoutBtn.classList.remove("hidden");
+    $userBtn.classList.remove("hidden");
    $logoutBtn.addEventListener("click", logout);
    $userName.textContent = DATA.user;
  } else {
    const $loginBtn = document.querySelector(".login-btn");
    $loginBtn.classList.remove("hidden");
    $loginBtn.addEventListener("click", async () => {
      try {
-        await checkAuth("login");
+        await checkAuth()
      } catch { }
        location.reload();
    });
  }
 }
 function setupDownloadWithToken() {
  document.querySelectorAll("a.dlwt").forEach(link => {
    link.addEventListener("click", async e => {
      e.preventDefault();
      try {
        const link = e.currentTarget || e.target;
        const originalHref = link.getAttribute("href");
        const tokengenUrl = new URL(originalHref);
        tokengenUrl.searchParams.set("tokengen", "");
        const res = await fetch(tokengenUrl);
        if (!res.ok) throw new Error("Failed to fetch token");
        const token = await res.text();
        const downloadUrl = new URL(originalHref);
        downloadUrl.searchParams.set("token", token);
        const tempA = document.createElement("a");
        tempA.href = downloadUrl.toString();
        tempA.download = "";
        document.body.appendChild(tempA);
        tempA.click();
        document.body.removeChild(tempA);
      } catch (err) {
-        alert(`Failed to download, ${err.message}`);
+        alert(err.message);
      }
    });
-  });
+  }
 }
 function setupSearch() {
@@ -640,13 +586,11 @@ async function setupEditorPage() {
      await doDeletePath(name, url, () => {
        location.href = location.href.split("/").slice(0, -1).join("/");
      });
-    });
+    })
    if (DATA.editable) {
    const $saveBtn = document.querySelector(".save-btn");
    $saveBtn.classList.remove("hidden");
    $saveBtn.addEventListener("click", saveChange);
    }
  } else if (DATA.kind == "View") {
    $editor.readonly = true;
  }
@@ -656,7 +600,7 @@ async function setupEditorPage() {
    const url = baseUrl();
    const ext = extName(baseName(url));
    if (IFRAME_FORMATS.find(v => v === ext)) {
-      $notEditable.insertAdjacentHTML("afterend", `<iframe src="${url}" sandbox width="100%" height="${window.innerHeight - 100}px"></iframe>`);
+      $notEditable.insertAdjacentHTML("afterend", `<iframe src="${url}" sandbox width="100%" height="${window.innerHeight - 100}px"></iframe>`)
    } else {
      $notEditable.classList.remove("hidden");
      $notEditable.textContent = "Cannot edit because file is too large or binary.";
@@ -673,12 +617,12 @@ async function setupEditorPage() {
      $editor.value = await res.text();
    } else {
      const bytes = await res.arrayBuffer();
-      const dataView = new DataView(bytes);
+      const dataView = new DataView(bytes)
-      const decoder = new TextDecoder(encoding);
+      const decoder = new TextDecoder(encoding)
      $editor.value = decoder.decode(dataView);
    }
  } catch (err) {
-    alert(`Failed to get file, ${err.message}`);
+    alert(`Failed get file, ${err.message}`);
  }
 }
@@ -695,10 +639,10 @@ async function deletePath(index) {
    DATA.paths[index] = null;
    if (!DATA.paths.find(v => !!v)) {
      $pathsTable.classList.add("hidden");
-      $emptyFolder.textContent = DIR_EMPTY_NOTE;
+      $emptyFolder.textContent = dirEmptyNote;
      $emptyFolder.classList.remove("hidden");
    }
-  });
+  })
 }
 async function doDeletePath(name, url, cb) {
@@ -731,13 +675,13 @@ async function movePath(index) {
 }
 async function doMovePath(fileUrl) {
-  const fileUrlObj = new URL(fileUrl);
+  const fileUrlObj = new URL(fileUrl)
  const prefix = DATA.uri_prefix.slice(0, -1);
  const filePath = decodeURIComponent(fileUrlObj.pathname.slice(prefix.length));
-  let newPath = prompt("Enter new path", filePath);
+  let newPath = prompt("Enter new path", filePath)
  if (!newPath) return;
  if (!newPath.startsWith("/")) newPath = "/" + newPath;
  if (filePath === newPath) return;
@@ -782,27 +726,15 @@ async function saveChange() {
  }
 }
-async function checkAuth(variant) {
+async function checkAuth() {
  if (!DATA.auth) return;
-  const qs = variant ? `?${variant}` : "";
+  const res = await fetch(baseUrl(), {
-  const res = await fetch(baseUrl() + qs, {
+    method: "WRITEABLE",
    method: "CHECKAUTH",
  });
  await assertResOK(res);
-  $loginBtn.classList.add("hidden");
+  document.querySelector(".login-btn").classList.add("hidden");
-  $logoutBtn.classList.remove("hidden");
+  $userBtn.classList.remove("hidden");
-  $userName.textContent = await res.text();
+  $userName.textContent = "";
 }
 function logout() {
  if (!DATA.auth) return;
  const url = baseUrl();
  const xhr = new XMLHttpRequest();
  xhr.open("LOGOUT", url, true, DATA.user);
  xhr.onload = () => {
    location.href = url;
  }
  xhr.send();
 }
 /**
@@ -868,11 +800,11 @@ function newUrl(name) {
 }
 function baseUrl() {
-  return location.href.split(/[?#]/)[0];
+  return location.href.split('?')[0];
 }
 function baseName(url) {
-  return decodeURIComponent(url.split("/").filter(v => v.length > 0).slice(-1)[0]);
+  return decodeURIComponent(url.split("/").filter(v => v.length > 0).slice(-1)[0])
 }
 function extName(filename) {
@@ -899,7 +831,7 @@ function getPathSvg(path_type) {
 }
 function formatMtime(mtime) {
-  if (!mtime) return "";
+  if (!mtime) return ""
  const date = new Date(mtime);
  const year = date.getFullYear();
  const month = padZero(date.getMonth() + 1, 2);
@@ -910,23 +842,17 @@ function formatMtime(mtime) {
 }
 function padZero(value, size) {
-  return ("0".repeat(size) + value).slice(-1 * size);
+  return ("0".repeat(size) + value).slice(-1 * size)
 }
-function formatDirSize(size) {
+function formatSize(size) {
-  const unit = size === 1 ? "item" : "items";
+  if (size == null) return [0, "B"]
  const num = size >= MAX_SUBPATHS_COUNT ? `>${MAX_SUBPATHS_COUNT - 1}` : `${size}`;
  return ` ${num} ${unit}`;
 }
 function formatFileSize(size) {
  if (size == null) return [0, "B"];
  const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
  if (size == 0) return [0, "B"];
  const i = parseInt(Math.floor(Math.log(size) / Math.log(1024)));
-  let ratio = 1;
+  ratio = 1
  if (i >= 3) {
-    ratio = 100;
+    ratio = 100
  }
  return [Math.round(size * ratio / Math.pow(1024, i), 2) / ratio, sizes[i]];
 }
@@ -935,7 +861,7 @@ function formatDuration(seconds) {
  seconds = Math.ceil(seconds);
  const h = Math.floor(seconds / 3600);
  const m = Math.floor((seconds - h * 3600) / 60);
-  const s = seconds - h * 3600 - m * 60;
+  const s = seconds - h * 3600 - m * 60
  return `${padZero(h, 2)}:${padZero(m, 2)}:${padZero(s, 2)}`;
 }
@@ -964,27 +890,8 @@ function getEncoding(contentType) {
    if (/charset/i.test(charset)) {
      let encoding = charset.split("=")[1];
      if (encoding) {
-      return encoding.toLowerCase();
+        return encoding.toLowerCase()
      }
    }
-  return 'utf-8';
+    return 'utf-8'
 }
 // Parsing base64 strings with Unicode characters
 function decodeBase64(base64String) {
  const binString = atob(base64String);
  const len = binString.length;
  const bytes = new Uint8Array(len);
  const arr = new Uint32Array(bytes.buffer, 0, Math.floor(len / 4));
  let i = 0;
  for (; i < arr.length; i++) {
    arr[i] = binString.charCodeAt(i * 4) |
      (binString.charCodeAt(i * 4 + 1) << 8) |
      (binString.charCodeAt(i * 4 + 2) << 16) |
      (binString.charCodeAt(i * 4 + 3) << 24);
  }
  for (i = i * 4; i < len; i++) {
    bytes[i] = binString.charCodeAt(i);
  }
  return new TextDecoder().decode(bytes);
 }
--- a/src/args.rs
+++ b/src/args.rs
@@ -146,15 +146,7 @@ pub fn build_cli() -> Command {
 				.hide_env(true)
                .long("allow-archive")
                .action(ArgAction::SetTrue)
-                .help("Allow download folders as archive file"),
+                .help("Allow zip archive generation"),
        )
        .arg(
            Arg::new("allow-hash")
                .env("DUFS_ALLOW_HASH")
                .hide_env(true)
                .long("allow-hash")
                .action(ArgAction::SetTrue)
                .help("Allow ?hash query to get file sha256 hash"),
        )
        .arg(
            Arg::new("enable-cors")
@@ -205,15 +197,6 @@ pub fn build_cli() -> Command {
                .value_name("format")
                .help("Customize http log format"),
        )
        .arg(
            Arg::new("log-file")
                .env("DUFS_LOG_FILE")
                .hide_env(true)
                .long("log-file")
                .value_name("file")
                .value_parser(value_parser!(PathBuf))
                .help("Specify the file to save logs to, other than stdout/stderr"),
        )
        .arg(
            Arg::new("compress")
                .env("DUFS_COMPRESS")
@@ -289,7 +272,6 @@ pub struct Args {
    pub allow_search: bool,
    pub allow_symlink: bool,
    pub allow_archive: bool,
    pub allow_hash: bool,
    pub render_index: bool,
    pub render_spa: bool,
    pub render_try_index: bool,
@@ -298,7 +280,6 @@ pub struct Args {
    #[serde(deserialize_with = "deserialize_log_http")]
    #[serde(rename = "log-format")]
    pub http_logger: HttpLogger,
    pub log_file: Option<PathBuf>,
    pub compress: Compress,
    pub tls_cert: Option<PathBuf>,
    pub tls_key: Option<PathBuf>,
@@ -320,7 +301,7 @@ impl Args {
        }
        if let Some(path) = matches.get_one::<PathBuf>("serve-path") {
-            args.serve_path.clone_from(path)
+            args.serve_path = path.clone()
        }
        args.serve_path = Self::sanitize_path(args.serve_path)?;
@@ -336,7 +317,7 @@ impl Args {
        args.path_is_file = args.serve_path.metadata()?.is_file();
        if let Some(path_prefix) = matches.get_one::<String>("path-prefix") {
-            args.path_prefix.clone_from(path_prefix)
+            args.path_prefix = path_prefix.clone();
        }
        args.path_prefix = args.path_prefix.trim_matches('/').to_string();
@@ -384,9 +365,6 @@ impl Args {
        if !args.allow_symlink {
            args.allow_symlink = allow_all || matches.get_flag("allow-symlink");
        }
        if !args.allow_hash {
            args.allow_hash = allow_all || matches.get_flag("allow-hash");
        }
        if !args.allow_archive {
            args.allow_archive = allow_all || matches.get_flag("allow-archive");
        }
@@ -414,10 +392,6 @@ impl Args {
            args.http_logger = log_format.parse()?;
        }
        if let Some(log_file) = matches.get_one::<PathBuf>("log-file") {
            args.log_file = Some(log_file.clone());
        }
        if let Some(compress) = matches.get_one::<Compress>("compress") {
            args.compress = *compress;
        }
@@ -473,30 +447,28 @@ impl Args {
 #[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
 pub enum BindAddr {
-    IpAddr(IpAddr),
+    Address(IpAddr),
-    #[cfg(unix)]
+    Path(PathBuf),
    SocketPath(String),
 }
 impl BindAddr {
    fn parse_addrs(addrs: &[&str]) -> Result<Vec<Self>> {
        let mut bind_addrs = vec![];
        #[cfg(not(unix))]
        let mut invalid_addrs = vec![];
        for addr in addrs {
            match addr.parse::<IpAddr>() {
                Ok(v) => {
-                    bind_addrs.push(BindAddr::IpAddr(v));
+                    bind_addrs.push(BindAddr::Address(v));
                }
                Err(_) => {
-                    #[cfg(unix)]
+                    if cfg!(unix) {
-                    bind_addrs.push(BindAddr::SocketPath(addr.to_string()));
+                        bind_addrs.push(BindAddr::Path(PathBuf::from(addr)));
-                    #[cfg(not(unix))]
+                    } else {
                        invalid_addrs.push(*addr);
                    }
                }
            }
-        #[cfg(not(unix))]
+        }
        if !invalid_addrs.is_empty() {
            bail!("Invalid bind address `{}`", invalid_addrs.join(","));
        }
@@ -504,16 +476,21 @@ impl BindAddr {
    }
 }
-#[derive(Debug, Clone, Copy, PartialEq, Deserialize, Default)]
+#[derive(Debug, Clone, Copy, PartialEq, Deserialize)]
 #[serde(rename_all = "lowercase")]
 pub enum Compress {
    None,
    #[default]
    Low,
    Medium,
    High,
 }
 impl Default for Compress {
    fn default() -> Self {
        Self::Low
    }
 }
 impl ValueEnum for Compress {
    fn value_variants<'a>() -> &'a [Self] {
        &[Self::None, Self::Low, Self::Medium, Self::High]
@@ -719,7 +696,7 @@ hidden: tmp,*.log,*.lock
        assert_eq!(args.serve_path, Args::sanitize_path(&tmpdir).unwrap());
        assert_eq!(
            args.addrs,
-            vec![BindAddr::IpAddr("0.0.0.0".parse().unwrap())]
+            vec![BindAddr::Address("0.0.0.0".parse().unwrap())]
        );
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
        assert_eq!(args.port, 3000);
@@ -749,8 +726,8 @@ hidden:
        assert_eq!(
            args.addrs,
            vec![
-                BindAddr::IpAddr("127.0.0.1".parse().unwrap()),
+                BindAddr::Address("127.0.0.1".parse().unwrap()),
-                BindAddr::IpAddr("192.168.8.10".parse().unwrap())
+                BindAddr::Address("192.168.8.10".parse().unwrap())
            ]
        );
        assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -1,14 +1,12 @@
 use crate::{args::Args, server::Response, utils::unix_now};
 use anyhow::{anyhow, bail, Result};
-use base64::{engine::general_purpose::STANDARD, Engine as _};
+use base64::{engine::general_purpose, Engine as _};
 use ed25519_dalek::{ed25519::signature::SignerMut, Signature, SigningKey};
 use headers::HeaderValue;
 use hyper::{header::WWW_AUTHENTICATE, Method};
 use indexmap::IndexMap;
 use lazy_static::lazy_static;
 use md5::Context;
 use sha2::{Digest, Sha256};
 use std::{
    collections::HashMap,
    path::{Path, PathBuf},
@@ -16,8 +14,7 @@ use std::{
 use uuid::Uuid;
 const REALM: &str = "DUFS";
-const DIGEST_AUTH_TIMEOUT: u32 = 60 * 60 * 24 * 7; // 7 days
+const DIGEST_AUTH_TIMEOUT: u32 = 604800; // 7 days
 const TOKEN_EXPIRATION: u64 = 1000 * 60 * 60 * 24 * 3; // 3 days
 lazy_static! {
    static ref NONCESTARTHASH: Context = {
@@ -30,7 +27,6 @@ lazy_static! {
 #[derive(Debug, Clone, PartialEq)]
 pub struct AccessControl {
    empty: bool,
    use_hashed_password: bool,
    users: IndexMap<String, (String, AccessPaths)>,
    anonymous: Option<AccessPaths>,
@@ -39,7 +35,6 @@ pub struct AccessControl {
 impl Default for AccessControl {
    fn default() -> Self {
        AccessControl {
            empty: true,
            use_hashed_password: false,
            users: IndexMap::new(),
            anonymous: Some(AccessPaths::new(AccessPerm::ReadWrite)),
@@ -50,7 +45,7 @@ impl Default for AccessControl {
 impl AccessControl {
    pub fn new(raw_rules: &[&str]) -> Result<Self> {
        if raw_rules.is_empty() {
-            return Ok(Self::default());
+            return Ok(Default::default());
        }
        let new_raw_rules = split_rules(raw_rules);
        let mut use_hashed_password = false;
@@ -74,20 +69,15 @@ impl AccessControl {
        let mut anonymous = None;
        if let Some(paths) = annoy_paths {
            let mut access_paths = AccessPaths::default();
-            access_paths
+            access_paths.merge(paths);
                .merge(paths)
                .ok_or_else(|| anyhow!("Invalid auth value `@{paths}"))?;
            anonymous = Some(access_paths);
        }
        let mut users = IndexMap::new();
        for (user, pass, paths) in account_paths_pairs.into_iter() {
-            let mut access_paths = AccessPaths::default();
+            let mut access_paths = anonymous.clone().unwrap_or_default();
            access_paths
                .merge(paths)
-                .ok_or_else(|| anyhow!("Invalid auth value `{user}:{pass}@{paths}"))?;
+                .ok_or_else(|| anyhow!("Invalid auth `{user}:{pass}@{paths}"))?;
            if let Some(paths) = annoy_paths {
                access_paths.merge(paths);
            }
            if pass.starts_with("$6$") {
                use_hashed_password = true;
            }
@@ -95,14 +85,13 @@ impl AccessControl {
        }
        Ok(Self {
            empty: false,
            use_hashed_password,
            users,
            anonymous,
        })
    }
-    pub fn has_users(&self) -> bool {
+    pub fn exist(&self) -> bool {
        !self.users.is_empty()
    }
@@ -111,29 +100,15 @@ impl AccessControl {
        path: &str,
        method: &Method,
        authorization: Option<&HeaderValue>,
        token: Option<&String>,
        guard_options: bool,
    ) -> (Option<String>, Option<AccessPaths>) {
        if self.empty {
            return (None, Some(AccessPaths::new(AccessPerm::ReadWrite)));
        }
        if method == Method::GET {
            if let Some(token) = token {
                if let Ok((user, ap)) = self.verify_token(token, path) {
                    return (Some(user), ap.guard(path, method));
                }
            }
        }
        if let Some(authorization) = authorization {
            if let Some(user) = get_auth_user(authorization) {
-                if let Some((pass, ap)) = self.users.get(&user) {
+                if let Some((pass, paths)) = self.users.get(&user) {
                    if method == Method::OPTIONS {
                        return (Some(user), Some(AccessPaths::new(AccessPerm::ReadOnly)));
                    }
                    if check_auth(authorization, method.as_str(), &user, pass).is_some() {
-                        return (Some(user), ap.guard(path, method));
+                        return (Some(user), paths.find(path, !is_readonly_method(method)));
                    }
                }
            }
@@ -141,63 +116,16 @@ impl AccessControl {
            return (None, None);
        }
-        if !guard_options && method == Method::OPTIONS {
+        if method == Method::OPTIONS {
            return (None, Some(AccessPaths::new(AccessPerm::ReadOnly)));
        }
-        if let Some(ap) = self.anonymous.as_ref() {
+        if let Some(paths) = self.anonymous.as_ref() {
-            return (None, ap.guard(path, method));
+            return (None, paths.find(path, !is_readonly_method(method)));
        }
        (None, None)
    }
    pub fn generate_token(&self, path: &str, user: &str) -> Result<String> {
        let (pass, _) = self
            .users
            .get(user)
            .ok_or_else(|| anyhow!("Not found user '{user}'"))?;
        let exp = unix_now().as_millis() as u64 + TOKEN_EXPIRATION;
        let message = format!("{path}:{exp}");
        let mut signing_key = derive_secret_key(user, pass);
        let sig = signing_key.sign(message.as_bytes()).to_bytes();
        let mut raw = Vec::with_capacity(64 + 8 + user.len());
        raw.extend_from_slice(&sig);
        raw.extend_from_slice(&exp.to_be_bytes());
        raw.extend_from_slice(user.as_bytes());
        Ok(hex::encode(raw))
    }
    fn verify_token<'a>(&'a self, token: &str, path: &str) -> Result<(String, &'a AccessPaths)> {
        let raw = hex::decode(token)?;
        if raw.len() < 72 {
            bail!("Invalid token");
        }
        let sig_bytes = &raw[..64];
        let exp_bytes = &raw[64..72];
        let user_bytes = &raw[72..];
        let exp = u64::from_be_bytes(exp_bytes.try_into()?);
        if unix_now().as_millis() as u64 > exp {
            bail!("Token expired");
        }
        let user = std::str::from_utf8(user_bytes)?;
        let (pass, ap) = self
            .users
            .get(user)
            .ok_or_else(|| anyhow!("Not found user '{user}'"))?;
        let sig = Signature::from_bytes(&<[u8; 64]>::try_from(sig_bytes)?);
        let message = format!("{path}:{exp}");
        derive_secret_key(user, pass).verify(message.as_bytes(), &sig)?;
        Ok((user.to_string(), ap))
    }
 }
 #[derive(Debug, Default, Clone, PartialEq, Eq)]
@@ -219,9 +147,8 @@ impl AccessPaths {
    }
    pub fn set_perm(&mut self, perm: AccessPerm) {
-        if self.perm < perm {
+        if !perm.indexonly() {
            self.perm = perm;
            self.recursively_purge_children(perm);
        }
    }
@@ -238,25 +165,6 @@ impl AccessPaths {
        Some(())
    }
    pub fn guard(&self, path: &str, method: &Method) -> Option<Self> {
        let target = self.find(path)?;
        if !is_readonly_method(method) && !target.perm().readwrite() {
            return None;
        }
        Some(target)
    }
    fn recursively_purge_children(&mut self, perm: AccessPerm) {
        self.children.retain(|_, child| {
            if child.perm <= perm {
                false
            } else {
                child.recursively_purge_children(perm);
                true
            }
        });
    }
    fn add(&mut self, path: &str, perm: AccessPerm) {
        let path = path.trim_matches('/');
        if path.is_empty() {
@@ -273,20 +181,21 @@ impl AccessPaths {
            self.set_perm(perm);
            return;
        }
        if self.perm >= perm {
            return;
        }
        let child = self.children.entry(parts[0].to_string()).or_default();
        child.add_impl(&parts[1..], perm)
    }
-    pub fn find(&self, path: &str) -> Option<AccessPaths> {
+    pub fn find(&self, path: &str, writable: bool) -> Option<AccessPaths> {
        let parts: Vec<&str> = path
            .trim_matches('/')
            .split('/')
            .filter(|v| !v.is_empty())
            .collect();
-        self.find_impl(&parts, self.perm)
+        let target = self.find_impl(&parts, self.perm)?;
        if writable && !target.perm().readwrite() {
            return None;
        }
        Some(target)
    }
    fn find_impl(&self, parts: &[&str], perm: AccessPerm) -> Option<AccessPaths> {
@@ -319,20 +228,20 @@ impl AccessPaths {
        self.children.keys().collect()
    }
-    pub fn entry_paths(&self, base: &Path) -> Vec<PathBuf> {
+    pub fn child_paths(&self, base: &Path) -> Vec<PathBuf> {
        if !self.perm().indexonly() {
            return vec![base.to_path_buf()];
        }
        let mut output = vec![];
-        self.entry_paths_impl(&mut output, base);
+        self.child_paths_impl(&mut output, base);
        output
    }
-    fn entry_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
+    fn child_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
        for (name, child) in self.children.iter() {
            let base = base.join(name);
            if child.perm().indexonly() {
-                child.entry_paths_impl(output, &base);
+                child.child_paths_impl(output, &base);
            } else {
                output.push(base)
            }
@@ -360,14 +269,15 @@ impl AccessPerm {
 pub fn www_authenticate(res: &mut Response, args: &Args) -> Result<()> {
    if args.auth.use_hashed_password {
-        let basic = HeaderValue::from_str(&format!("Basic realm=\"{REALM}\""))?;
+        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
        res.headers_mut().insert(WWW_AUTHENTICATE, basic);
    } else {
        let nonce = create_nonce()?;
        let digest = HeaderValue::from_str(&format!(
-            "Digest realm=\"{REALM}\", nonce=\"{nonce}\", qop=\"auth\""
+            "Digest realm=\"{}\", nonce=\"{}\", qop=\"auth\"",
            REALM, nonce
        ))?;
-        let basic = HeaderValue::from_str(&format!("Basic realm=\"{REALM}\""))?;
+        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
        res.headers_mut().append(WWW_AUTHENTICATE, digest);
        res.headers_mut().append(WWW_AUTHENTICATE, basic);
    }
@@ -376,7 +286,7 @@ pub fn www_authenticate(res: &mut Response, args: &Args) -> Result<()> {
 pub fn get_auth_user(authorization: &HeaderValue) -> Option<String> {
    if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
-        let value: Vec<u8> = STANDARD.decode(value).ok()?;
+        let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
        let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
        Some(parts[0].to_string())
    } else if let Some(value) = strip_prefix(authorization.as_bytes(), b"Digest ") {
@@ -395,18 +305,18 @@ pub fn check_auth(
    auth_pass: &str,
 ) -> Option<()> {
    if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
-        let value: Vec<u8> = STANDARD.decode(value).ok()?;
+        let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
-        let (user, pass) = std::str::from_utf8(&value).ok()?.split_once(':')?;
+        let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
-        if user != auth_user {
+        if parts[0] != auth_user {
            return None;
        }
        if auth_pass.starts_with("$6$") {
-            if let Ok(()) = sha_crypt::sha512_check(pass, auth_pass) {
+            if let Ok(()) = sha_crypt::sha512_check(parts[1], auth_pass) {
                return Some(());
            }
-        } else if pass == auth_pass {
+        } else if parts[1] == auth_pass {
            return Some(());
        }
@@ -429,8 +339,8 @@ pub fn check_auth(
            }
            let mut h = Context::new();
-            h.consume(format!("{auth_user}:{REALM}:{auth_pass}").as_bytes());
+            h.consume(format!("{}:{}:{}", auth_user, REALM, auth_pass).as_bytes());
-            let auth_pass = format!("{:x}", h.finalize());
+            let auth_pass = format!("{:x}", h.compute());
            let mut ha = Context::new();
            ha.consume(method);
@@ -438,7 +348,7 @@ pub fn check_auth(
            if let Some(uri) = digest_map.get(b"uri".as_ref()) {
                ha.consume(uri);
            }
-            let ha = format!("{:x}", ha.finalize());
+            let ha = format!("{:x}", ha.compute());
            let mut correct_response = None;
            if let Some(qop) = digest_map.get(b"qop".as_ref()) {
                if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
@@ -459,7 +369,7 @@ pub fn check_auth(
                        c.consume(qop);
                        c.consume(b":");
                        c.consume(&*ha);
-                        format!("{:x}", c.finalize())
+                        format!("{:x}", c.compute())
                    });
                }
            }
@@ -472,7 +382,7 @@ pub fn check_auth(
                    c.consume(nonce);
                    c.consume(b":");
                    c.consume(&*ha);
-                    format!("{:x}", c.finalize())
+                    format!("{:x}", c.compute())
                }
            };
            if correct_response.as_bytes() == *user_response {
@@ -485,13 +395,6 @@ pub fn check_auth(
    }
 }
 fn derive_secret_key(user: &str, pass: &str) -> SigningKey {
    let mut hasher = Sha256::new();
    hasher.update(format!("{user}:{pass}").as_bytes());
    let hash = hasher.finalize();
    SigningKey::from_bytes(&hash.into())
 }
 /// Check if a nonce is still valid.
 /// Return an error if it was never valid
 fn validate_nonce(nonce: &[u8]) -> Result<bool> {
@@ -503,14 +406,14 @@ fn validate_nonce(nonce: &[u8]) -> Result<bool> {
        //get time
        if let Ok(secs_nonce) = u32::from_str_radix(&n[..8], 16) {
            //check time
-            let now = unix_now();
+            let now = unix_now()?;
            let secs_now = now.as_secs() as u32;
            if let Some(dur) = secs_now.checked_sub(secs_nonce) {
                //check hash
                let mut h = NONCESTARTHASH.clone();
                h.consume(secs_nonce.to_be_bytes());
-                let h = format!("{:x}", h.finalize());
+                let h = format!("{:x}", h.compute());
                if h[..26] == n[8..34] {
                    return Ok(dur < DIGEST_AUTH_TIMEOUT);
                }
@@ -525,8 +428,6 @@ fn is_readonly_method(method: &Method) -> bool {
        || method == Method::OPTIONS
        || method == Method::HEAD
        || method.as_str() == "PROPFIND"
        || method.as_str() == "CHECKAUTH"
        || method.as_str() == "LOGOUT"
 }
 fn strip_prefix<'a>(search: &'a [u8], prefix: &[u8]) -> Option<&'a [u8]> {
@@ -583,12 +484,12 @@ fn to_headermap(header: &[u8]) -> Result<HashMap<&[u8], &[u8]>, ()> {
 }
 fn create_nonce() -> Result<String> {
-    let now = unix_now();
+    let now = unix_now()?;
    let secs = now.as_secs() as u32;
    let mut h = NONCESTARTHASH.clone();
    h.consume(secs.to_be_bytes());
-    let n = format!("{:08x}{:032x}", secs, h.finalize());
+    let n = format!("{:08x}{:032x}", secs, h.compute());
    Ok(n[..34].to_string())
 }
@@ -670,7 +571,7 @@ mod tests {
        paths.add("/dir2/dir22/dir221", AccessPerm::ReadWrite);
        paths.add("/dir2/dir23/dir231", AccessPerm::ReadWrite);
        assert_eq!(
-            paths.entry_paths(Path::new("/tmp")),
+            paths.child_paths(Path::new("/tmp")),
            [
                "/tmp/dir1",
                "/tmp/dir2/dir21",
@@ -683,8 +584,8 @@ mod tests {
        );
        assert_eq!(
            paths
-                .find("dir2")
+                .find("dir2", false)
-                .map(|v| v.entry_paths(Path::new("/tmp/dir2"))),
+                .map(|v| v.child_paths(Path::new("/tmp/dir2"))),
            Some(
                [
                    "/tmp/dir2/dir21",
@@ -696,30 +597,19 @@ mod tests {
                .collect::<Vec<_>>()
            )
        );
        assert_eq!(paths.find("dir2", true), None);
        assert_eq!(
-            paths.find("dir1/file"),
+            paths.find("dir1/file", true),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(
-            paths.find("dir2/dir21/file"),
+            paths.find("dir2/dir21/file", true),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(
-            paths.find("dir2/dir21/dir211/file"),
+            paths.find("dir2/dir21/dir211/file", false),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(
            paths.find("dir2/dir22/file"),
            Some(AccessPaths::new(AccessPerm::ReadOnly))
        );
-        assert_eq!(
+        assert_eq!(paths.find("dir2/dir21/dir211/file", true), None);
            paths.find("dir2/dir22/dir221/file"),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
        assert_eq!(paths.find("dir2/dir23/file"), None);
        assert_eq!(
            paths.find("dir2/dir23//dir231/file"),
            Some(AccessPaths::new(AccessPerm::ReadWrite))
        );
    }
 }
--- a/src/http_logger.rs
+++ b/src/http_logger.rs
@@ -1,6 +1,6 @@
 use std::{collections::HashMap, str::FromStr};
-use crate::{auth::get_auth_user, server::Request, utils::decode_uri};
+use crate::{auth::get_auth_user, server::Request};
 pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#;
@@ -29,9 +29,7 @@ impl HttpLogger {
            match element {
                LogElement::Variable(name) => match name.as_str() {
                    "request" => {
-                        let uri = req.uri().to_string();
+                        data.insert(name.to_string(), format!("{} {}", req.method(), req.uri()));
                        let uri = decode_uri(&uri).map(|s| s.to_string()).unwrap_or(uri);
                        data.insert(name.to_string(), format!("{} {uri}", req.method()));
                    }
                    "remote_user" => {
                        if let Some(user) =
@@ -52,7 +50,6 @@ impl HttpLogger {
        }
        data
    }
    pub fn log(&self, data: &HashMap<String, String>, err: Option<String>) {
        if self.elements.is_empty() {
            return;
@@ -67,8 +64,8 @@ impl HttpLogger {
            }
        }
        match err {
-            Some(err) => error!("{output} {err}"),
+            Some(err) => error!("{} {}", output, err),
-            None => info!("{output}"),
+            None => info!("{}", output),
        }
    }
 }
--- a/src/logger.rs
+++ b/src/logger.rs
@@ -1,14 +1,8 @@
 use anyhow::{Context, Result};
 use chrono::{Local, SecondsFormat};
-use log::{Level, LevelFilter, Metadata, Record};
+use log::{Level, Metadata, Record};
-use std::fs::{File, OpenOptions};
+use log::{LevelFilter, SetLoggerError};
 use std::io::Write;
 use std::path::PathBuf;
 use std::sync::Mutex;
-struct SimpleLogger {
+struct SimpleLogger;
    file: Option<Mutex<File>>,
 }
 impl log::Log for SimpleLogger {
    fn enabled(&self, metadata: &Metadata) -> bool {
@@ -18,20 +12,10 @@ impl log::Log for SimpleLogger {
    fn log(&self, record: &Record) {
        if self.enabled(record.metadata()) {
            let timestamp = Local::now().to_rfc3339_opts(SecondsFormat::Secs, true);
            let text = format!("{} {} - {}", timestamp, record.level(), record.args());
            match &self.file {
                Some(file) => {
                    if let Ok(mut file) = file.lock() {
                        let _ = writeln!(file, "{text}");
                    }
                }
                None => {
            if record.level() < Level::Info {
-                        eprintln!("{text}");
+                eprintln!("{} {} - {}", timestamp, record.level(), record.args());
            } else {
-                        println!("{text}");
+                println!("{} {} - {}", timestamp, record.level(), record.args());
                    }
                }
            }
        }
    }
@@ -39,23 +23,8 @@ impl log::Log for SimpleLogger {
    fn flush(&self) {}
 }
-pub fn init(log_file: Option<PathBuf>) -> Result<()> {
+static LOGGER: SimpleLogger = SimpleLogger;
-    let file = match log_file {
+
-        None => None,
+pub fn init() -> Result<(), SetLoggerError> {
-        Some(log_file) => {
+    log::set_logger(&LOGGER).map(|()| log::set_max_level(LevelFilter::Info))
            let file = OpenOptions::new()
                .create(true)
                .append(true)
                .open(&log_file)
                .with_context(|| {
                    format!("Failed to open the log file at '{}'", log_file.display())
                })?;
            Some(Mutex::new(file))
        }
    };
    let logger = SimpleLogger { file };
    log::set_boxed_logger(Box::new(logger))
        .map(|_| log::set_max_level(LevelFilter::Info))
        .with_context(|| "Failed to init logger")?;
    Ok(())
 }
--- a/src/main.rs
+++ b/src/main.rs
@@ -3,7 +3,6 @@ mod auth;
 mod http_logger;
 mod http_utils;
 mod logger;
 mod noscript;
 mod server;
 mod utils;
@@ -30,14 +29,13 @@ use std::sync::{
    atomic::{AtomicBool, Ordering},
    Arc,
 };
 use std::time::Duration;
 use tokio::time::timeout;
 use tokio::{net::TcpListener, task::JoinHandle};
 #[cfg(feature = "tls")]
 use tokio_rustls::{rustls::ServerConfig, TlsAcceptor};
 #[tokio::main]
 async fn main() -> Result<()> {
    logger::init().map_err(|e| anyhow!("Failed to init logger, {e}"))?;
    let cmd = build_cli();
    let matches = cmd.get_matches();
    if let Some(generator) = matches.get_one::<Shell>("completions") {
@@ -46,7 +44,6 @@ async fn main() -> Result<()> {
        return Ok(());
    }
    let mut args = Args::parse(matches)?;
    logger::init(args.log_file.clone()).map_err(|e| anyhow!("Failed to init logger, {e}"))?;
    let (new_addrs, print_addrs) = check_addrs(&args)?;
    args.addrs = new_addrs;
    let running = Arc::new(AtomicBool::new(true));
@@ -58,7 +55,7 @@ async fn main() -> Result<()> {
        ret = join_all(handles) => {
            for r in ret {
                if let Err(e) = r {
-                    error!("{e}");
+                    error!("{}", e);
                }
            }
            Ok(())
@@ -79,7 +76,7 @@ fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
    for bind_addr in addrs.iter() {
        let server_handle = server_handle.clone();
        match bind_addr {
-            BindAddr::IpAddr(ip) => {
+            BindAddr::Address(ip) => {
                let listener = create_listener(SocketAddr::new(*ip, port))
                    .with_context(|| format!("Failed to bind `{ip}:{port}`"))?;
@@ -94,19 +91,12 @@ fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
                        config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
                        let config = Arc::new(config);
                        let tls_accepter = TlsAcceptor::from(config);
                        let handshake_timeout = Duration::from_secs(10);
                        let handle = tokio::spawn(async move {
                            loop {
-                                let Ok((stream, addr)) = listener.accept().await else {
+                                let (cnx, addr) = listener.accept().await.unwrap();
-                                    continue;
+                                let Ok(stream) = tls_accepter.accept(cnx).await else {
-                                };
+                                    warn!("During cls handshake connection from {}", addr);
                                let Some(stream) =
                                    timeout(handshake_timeout, tls_accepter.accept(stream))
                                        .await
                                        .ok()
                                        .and_then(|v| v.ok())
                                else {
                                    continue;
                                };
                                let stream = TokioIo::new(stream);
@@ -123,10 +113,8 @@ fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
                    (None, None) => {
                        let handle = tokio::spawn(async move {
                            loop {
-                                let Ok((stream, addr)) = listener.accept().await else {
+                                let (cnx, addr) = listener.accept().await.unwrap();
-                                    continue;
+                                let stream = TokioIo::new(cnx);
                                };
                                let stream = TokioIo::new(stream);
                                tokio::spawn(handle_stream(
                                    server_handle.clone(),
                                    stream,
@@ -141,27 +129,18 @@ fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
                    }
                };
            }
            BindAddr::Path(path) => {
                if path.exists() {
                    std::fs::remove_file(path)?;
                }
                #[cfg(unix)]
            BindAddr::SocketPath(path) => {
                let socket_path = if path.starts_with("@")
                    && cfg!(any(target_os = "linux", target_os = "android"))
                {
-                    let mut path_buf = path.as_bytes().to_vec();
+                    let listener = tokio::net::UnixListener::bind(path)
-                    path_buf[0] = b'\0';
+                        .with_context(|| format!("Failed to bind `{}`", path.display()))?;
                    unsafe { std::ffi::OsStr::from_encoded_bytes_unchecked(&path_buf) }
                        .to_os_string()
                } else {
                    let _ = std::fs::remove_file(path);
                    path.into()
                };
                let listener = tokio::net::UnixListener::bind(socket_path)
                    .with_context(|| format!("Failed to bind `{path}`"))?;
                    let handle = tokio::spawn(async move {
                        loop {
-                        let Ok((stream, _addr)) = listener.accept().await else {
+                            let (cnx, _) = listener.accept().await.unwrap();
-                            continue;
+                            let stream = TokioIo::new(cnx);
                        };
                        let stream = TokioIo::new(stream);
                            tokio::spawn(handle_stream(server_handle.clone(), stream, None));
                        }
                    });
@@ -170,6 +149,7 @@ fn serve(args: Args, running: Arc<AtomicBool>) -> Result<Vec<JoinHandle<()>>> {
                }
            }
        }
    }
    Ok(handles)
 }
@@ -180,15 +160,18 @@ where
    let hyper_service =
        service_fn(move |request: Request<Incoming>| handle.clone().call(request, addr));
-    match Builder::new(TokioExecutor::new())
+    let ret = Builder::new(TokioExecutor::new())
        .serve_connection_with_upgrades(stream, hyper_service)
-        .await
+        .await;
-    {
+
-        Ok(()) => {}
+    if let Err(err) = ret {
-        Err(_err) => {
+        let scope = match addr {
-            // This error only appears when the client doesn't send a request and terminate the connection.
+            Some(addr) => format!(" from {}", addr),
-            //
+            None => String::new(),
-            // If client sends one request then terminate connection whenever, it doesn't appear.
+        };
        match err.downcast_ref::<std::io::Error>() {
            Some(err) if err.kind() == std::io::ErrorKind::UnexpectedEof => {}
            _ => warn!("Serving connection{}: {}", scope, err),
        }
    }
 }
@@ -214,7 +197,7 @@ fn check_addrs(args: &Args) -> Result<(Vec<BindAddr>, Vec<BindAddr>)> {
    let (ipv4_addrs, ipv6_addrs) = interface_addrs()?;
    for bind_addr in args.addrs.iter() {
        match bind_addr {
-            BindAddr::IpAddr(ip) => match &ip {
+            BindAddr::Address(ip) => match &ip {
                IpAddr::V4(_) => {
                    if !ipv4_addrs.is_empty() {
                        new_addrs.push(bind_addr.clone());
@@ -236,7 +219,6 @@ fn check_addrs(args: &Args) -> Result<(Vec<BindAddr>, Vec<BindAddr>)> {
                    }
                }
            },
            #[cfg(unix)]
            _ => {
                new_addrs.push(bind_addr.clone());
                print_addrs.push(bind_addr.clone())
@@ -254,10 +236,10 @@ fn interface_addrs() -> Result<(Vec<BindAddr>, Vec<BindAddr>)> {
    for iface in ifaces.into_iter() {
        let ip = iface.ip();
        if ip.is_ipv4() {
-            ipv4_addrs.push(BindAddr::IpAddr(ip))
+            ipv4_addrs.push(BindAddr::Address(ip))
        }
        if ip.is_ipv6() {
-            ipv6_addrs.push(BindAddr::IpAddr(ip))
+            ipv6_addrs.push(BindAddr::Address(ip))
        }
    }
    Ok((ipv4_addrs, ipv6_addrs))
@@ -268,7 +250,7 @@ fn print_listening(args: &Args, print_addrs: &[BindAddr]) -> Result<String> {
    let urls = print_addrs
        .iter()
        .map(|bind_addr| match bind_addr {
-            BindAddr::IpAddr(addr) => {
+            BindAddr::Address(addr) => {
                let addr = match addr {
                    IpAddr::V4(_) => format!("{}:{}", addr, args.port),
                    IpAddr::V6(_) => format!("[{}]:{}", addr, args.port),
@@ -280,8 +262,7 @@ fn print_listening(args: &Args, print_addrs: &[BindAddr]) -> Result<String> {
                };
                format!("{}://{}{}", protocol, addr, args.uri_prefix)
            }
-            #[cfg(unix)]
+            BindAddr::Path(path) => path.display().to_string(),
            BindAddr::SocketPath(path) => path.to_string(),
        })
        .collect::<Vec<_>>();
--- a/src/noscript.rs
+++ b/src/noscript.rs
@@ -1,103 +0,0 @@
 use crate::{
    server::{IndexData, PathItem, PathType, MAX_SUBPATHS_COUNT},
    utils::encode_uri,
 };
 use anyhow::Result;
 use chrono::{DateTime, Utc};
 use xml::escape::escape_str_pcdata;
 pub fn detect_noscript(user_agent: &str) -> bool {
    [
        "lynx/", "w3m/", "links ", "elinks/", "curl/", "wget/", "httpie/", "aria2/",
    ]
    .iter()
    .any(|v| user_agent.starts_with(v))
 }
 pub fn generate_noscript_html(data: &IndexData) -> Result<String> {
    let mut html = String::new();
    let title = format!("Index of {}", escape_str_pcdata(&data.href));
    html.push_str("<html>\n");
    html.push_str("<head>\n");
    html.push_str(&format!("<title>{title}</title>\n"));
    html.push_str(
        r#"<style>
  td {
    padding: 0.2rem;
    text-align: left;
  }
  td:nth-child(3) {
    text-align: right;
  }
 </style>
 "#,
    );
    html.push_str("</head>\n");
    html.push_str("<body>\n");
    html.push_str(&format!("<h1>{title}</h1>\n"));
    html.push_str("<table>\n");
    html.push_str("  <tbody>\n");
    html.push_str(&format!("    {}\n", render_parent()));
    for path in &data.paths {
        html.push_str(&format!("    {}\n", render_path_item(path)));
    }
    html.push_str("  </tbody>\n");
    html.push_str("</table>\n");
    html.push_str("</body>\n");
    Ok(html)
 }
 fn render_parent() -> String {
    let value = "../";
    format!("<tr><td><a href=\"{value}?noscript\">{value}</a></td><td></td><td></td></tr>")
 }
 fn render_path_item(path: &PathItem) -> String {
    let mut href = encode_uri(&path.name);
    let mut name = escape_str_pcdata(&path.name).to_string();
    if path.path_type.is_dir() {
        href.push_str("/?noscript");
        name.push('/');
    };
    let mtime = format_mtime(path.mtime).unwrap_or_default();
    let size = format_size(path.size, path.path_type);
    format!("<tr><td><a href=\"{href}\">{name}</a></td><td>{mtime}</td><td>{size}</td></tr>")
 }
 fn format_mtime(mtime: u64) -> Option<String> {
    let datetime = DateTime::<Utc>::from_timestamp_millis(mtime as _)?;
    Some(datetime.format("%Y-%m-%dT%H:%M:%S.%3fZ").to_string())
 }
 fn format_size(size: u64, path_type: PathType) -> String {
    if path_type.is_dir() {
        let unit = if size == 1 { "item" } else { "items" };
        let num = match size >= MAX_SUBPATHS_COUNT {
            true => format!(">{}", MAX_SUBPATHS_COUNT - 1),
            false => size.to_string(),
        };
        format!("{num} {unit}")
    } else {
        if size == 0 {
            return "0 B".to_string();
        }
        const UNITS: [&str; 5] = ["B", "KB", "MB", "GB", "TB"];
        let i = (size as f64).log2() / 10.0;
        let i = i.floor() as usize;
        if i >= UNITS.len() {
            // Handle extremely large numbers beyond Terabytes
            return format!("{:.2} PB", size as f64 / 1024.0f64.powi(5));
        }
        let size = size as f64 / 1024.0f64.powi(i as i32);
        format!("{:.2} {}", size, UNITS[i])
    }
 }
--- a/src/server.rs
+++ b/src/server.rs
--- a/src/utils.rs
+++ b/src/utils.rs
@@ -1,17 +1,17 @@
 use anyhow::{anyhow, Context, Result};
 use chrono::{DateTime, Utc};
 #[cfg(feature = "tls")]
-use rustls_pki_types::{pem::PemObject, CertificateDer, PrivateKeyDer};
+use rustls_pki_types::{CertificateDer, PrivateKeyDer};
 use std::{
    borrow::Cow,
    path::Path,
    time::{Duration, SystemTime, UNIX_EPOCH},
 };
-pub fn unix_now() -> Duration {
+pub fn unix_now() -> Result<Duration> {
    SystemTime::now()
        .duration_since(UNIX_EPOCH)
-        .expect("Unable to get unix epoch time")
+        .with_context(|| "Invalid system time")
 }
 pub fn encode_uri(v: &str) -> String {
@@ -19,7 +19,7 @@ pub fn encode_uri(v: &str) -> String {
    parts.join("/")
 }
-pub fn decode_uri(v: &str) -> Option<Cow<'_, str>> {
+pub fn decode_uri(v: &str) -> Option<Cow<str>> {
    percent_encoding::percent_decode(v.as_bytes())
        .decode_utf8()
        .ok()
@@ -62,80 +62,76 @@ pub fn glob(pattern: &str, target: &str) -> bool {
 // Load public certificate from file.
 #[cfg(feature = "tls")]
-pub fn load_certs<T: AsRef<Path>>(file_name: T) -> Result<Vec<CertificateDer<'static>>> {
+pub fn load_certs<T: AsRef<Path>>(filename: T) -> Result<Vec<CertificateDer<'static>>> {
    // Open certificate file.
    let cert_file = std::fs::File::open(filename.as_ref())
        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
    let mut reader = std::io::BufReader::new(cert_file);
    // Load and return certificate.
    let mut certs = vec![];
-    for cert in CertificateDer::pem_file_iter(file_name.as_ref()).with_context(|| {
+    for cert in rustls_pemfile::certs(&mut reader) {
-        format!(
+        let cert = cert.with_context(|| "Failed to load certificate")?;
            "Failed to load cert file at `{}`",
            file_name.as_ref().display()
        )
    })? {
        let cert = cert.with_context(|| {
            format!(
                "Invalid certificate data in file `{}`",
                file_name.as_ref().display()
            )
        })?;
        certs.push(cert)
    }
    if certs.is_empty() {
-        anyhow::bail!(
+        anyhow::bail!("No supported certificate in file");
            "No supported certificate in file `{}`",
            file_name.as_ref().display()
        );
    }
    Ok(certs)
 }
 // Load private key from file.
 #[cfg(feature = "tls")]
-pub fn load_private_key<T: AsRef<Path>>(file_name: T) -> Result<PrivateKeyDer<'static>> {
+pub fn load_private_key<T: AsRef<Path>>(filename: T) -> Result<PrivateKeyDer<'static>> {
-    PrivateKeyDer::from_pem_file(file_name.as_ref()).with_context(|| {
+    let key_file = std::fs::File::open(filename.as_ref())
-        format!(
+        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
-            "Failed to load key file at `{}`",
+    let mut reader = std::io::BufReader::new(key_file);
-            file_name.as_ref().display()
+
-        )
+    // Load and return a single private key.
-    })
+    for key in rustls_pemfile::read_all(&mut reader) {
        let key = key.with_context(|| "There was a problem with reading private key")?;
        match key {
            rustls_pemfile::Item::Pkcs1Key(key) => return Ok(PrivateKeyDer::Pkcs1(key)),
            rustls_pemfile::Item::Pkcs8Key(key) => return Ok(PrivateKeyDer::Pkcs8(key)),
            rustls_pemfile::Item::Sec1Key(key) => return Ok(PrivateKeyDer::Sec1(key)),
            _ => {}
        }
    }
    anyhow::bail!("No supported private key in file");
 }
-pub fn parse_range(range: &str, size: u64) -> Option<Vec<(u64, u64)>> {
+pub fn parse_range(range: &str, size: u64) -> Option<(u64, u64)> {
-    let (unit, ranges) = range.split_once('=')?;
+    let (unit, range) = range.split_once('=')?;
-    if unit != "bytes" {
+    if unit != "bytes" || range.contains(',') {
        return None;
    }
-
+    let (start, end) = range.split_once('-')?;
    let mut result = Vec::new();
    for range in ranges.split(',') {
        let (start, end) = range.trim().split_once('-')?;
    if start.is_empty() {
        let offset = end.parse::<u64>().ok()?;
        if offset <= size {
-                result.push((size - offset, size - 1));
+            Some((size - offset, size - 1))
        } else {
-                return None;
+            None
        }
    } else {
        let start = start.parse::<u64>().ok()?;
        if start < size {
            if end.is_empty() {
-                    result.push((start, size - 1));
+                Some((start, size - 1))
            } else {
                let end = end.parse::<u64>().ok()?;
                if end < size {
-                        result.push((start, end));
+                    Some((start, end))
                } else {
-                        return None;
+                    None
                }
            }
        } else {
-                return None;
+            None
        }
    }
 }
    Some(result)
 }
 #[cfg(test)]
 mod tests {
    use super::*;
@@ -166,19 +162,13 @@ mod tests {
    #[test]
    fn test_parse_range() {
-        assert_eq!(parse_range("bytes=0-499", 500), Some(vec![(0, 499)]));
+        assert_eq!(parse_range("bytes=0-499", 500), Some((0, 499)));
-        assert_eq!(parse_range("bytes=0-", 500), Some(vec![(0, 499)]));
+        assert_eq!(parse_range("bytes=0-", 500), Some((0, 499)));
-        assert_eq!(parse_range("bytes=299-", 500), Some(vec![(299, 499)]));
+        assert_eq!(parse_range("bytes=299-", 500), Some((299, 499)));
-        assert_eq!(parse_range("bytes=-500", 500), Some(vec![(0, 499)]));
+        assert_eq!(parse_range("bytes=-500", 500), Some((0, 499)));
-        assert_eq!(parse_range("bytes=-300", 500), Some(vec![(200, 499)]));
+        assert_eq!(parse_range("bytes=-300", 500), Some((200, 499)));
        assert_eq!(
            parse_range("bytes=0-199, 100-399, 400-, -200", 500),
            Some(vec![(0, 199), (100, 399), (400, 499), (300, 499)])
        );
        assert_eq!(parse_range("bytes=500-", 500), None);
        assert_eq!(parse_range("bytes=-501", 500), None);
        assert_eq!(parse_range("bytes=0-500", 500), None);
        assert_eq!(parse_range("bytes=0-199,", 500), None);
        assert_eq!(parse_range("bytes=0-199, 500-", 500), None);
    }
 }
--- a/tests/assets.rs
+++ b/tests/assets.rs
@@ -1,6 +1,7 @@
 mod fixtures;
 mod utils;
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer, DIR_ASSETS};
 use rstest::rstest;
@@ -100,7 +101,7 @@ fn asset_js_with_prefix(
 #[rstest]
 fn assets_override(tmpdir: TempDir, port: u16) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
@@ -114,7 +115,7 @@ fn assets_override(tmpdir: TempDir, port: u16) -> Result<(), Error> {
    let url = format!("http://localhost:{port}");
    let resp = reqwest::blocking::get(&url)?;
    assert!(resp.text()?.starts_with(&format!(
-        "/__dufs_v{}__/index.js;<template id=\"index-data\">",
+        "/__dufs_v{}__/index.js;DATA",
        env!("CARGO_PKG_VERSION")
    )));
    let resp = reqwest::blocking::get(&url)?;
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -1,8 +1,7 @@
 mod digest_auth_util;
 mod fixtures;
 mod utils;
-use digest_auth_util::send_with_digest_auth;
+use diqwest::blocking::WithDigestAuth;
 use fixtures::{server, Error, TestServer};
 use indexmap::IndexSet;
 use rstest::rstest;
@@ -33,7 +32,9 @@ fn auth(#[case] server: TestServer, #[case] user: &str, #[case] pass: &str) -> R
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), user, pass)?;
+    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth(user, pass)?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
@@ -57,27 +58,27 @@ fn invalid_auth(
    Ok(())
 }
 const HASHED_PASSWORD_AUTH: &str =  "user:$6$gQxZwKyWn/ZmWEA2$4uV7KKMnSUnET2BtWTj/9T5.Jq3h/MdkOlnIl5hdlTxDZ4MZKmJ.kl6C.NL9xnNPqC4lVHC1vuI0E5cLpTJX81@/:rw"; // user:pass
 #[rstest]
 #[case(server(&["--auth", "user:$6$gQxZwKyWn/ZmWEA2$4uV7KKMnSUnET2BtWTj/9T5.Jq3h/MdkOlnIl5hdlTxDZ4MZKmJ.kl6C.NL9xnNPqC4lVHC1vuI0E5cLpTJX81@/:rw", "-A"]), "user", "pass")]
 #[case(server(&["--auth", "user:$6$YV1J6OHZAAgbzCbS$V55ZEgvJ6JFdz1nLO4AD696PRHAJYhfQf.Gy2HafrCz5itnbgNTtTgfUSqZrt4BJ7FcpRfSt/QZzAan68pido0@/:rw", "-A"]), "user", "pa:ss@1")]
 fn auth_hashed_password(
-    #[case] server: TestServer,
+    #[with(&["--auth", HASHED_PASSWORD_AUTH, "-A"])] server: TestServer,
    #[case] user: &str,
    #[case] pass: &str,
 ) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
-    if let Err(err) = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), user, pass)
+    if let Err(err) = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")
    {
        assert_eq!(
-            err.to_string(),
+            format!("{err:?}"),
-            r#"Missing "realm" in header: Basic realm="DUFS""#
+            r#"DigestAuth(MissingRequired("realm", "Basic realm=\"DUFS\""))"#
        );
    }
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
-        .basic_auth(user, Some(pass))
+        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 201);
    Ok(())
@@ -90,7 +91,9 @@ fn auth_and_public(
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), "user", "pass")?;
+    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 200);
@@ -115,83 +118,31 @@ fn auth_skip_on_options_method(
    Ok(())
 }
 #[rstest]
 fn auth_skip_if_no_auth_user(server: TestServer) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url)
        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
 #[rstest]
 fn auth_no_skip_if_anonymous(
    #[with(&["--auth", "@/:ro"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url)
        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 200);
    let resp = fetch!(b"DELETE", &url)
        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 401);
    Ok(())
 }
 #[rstest]
 fn auth_check(
    #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
-    let url = format!("{}", server.url());
+    let url = format!("{}index.html", server.url());
-    let resp = fetch!(b"CHECKAUTH", &url).send()?;
+    let resp = fetch!(b"WRITEABLE", &url).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?;
+    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user2", "pass2")?;
-    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.status(), 403);
-    let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user2", "pass2")?;
+    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
 #[rstest]
-fn auth_check2(
+fn auth_compact_rules(
    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}", server.url());
    let resp = fetch!(b"CHECKAUTH", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user", "pass")?;
    assert_eq!(resp.status(), 200);
    let resp = send_with_digest_auth(fetch!(b"CHECKAUTH", &url), "user2", "pass2")?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
 #[rstest]
 fn auth_check3(
    #[with(&["--auth", "user:pass@/:rw", "--auth", "@/dir1:rw", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}dir1/", server.url());
    let resp = fetch!(b"CHECKAUTH", &url).send()?;
    assert_eq!(resp.status(), 200);
    let resp = fetch!(b"CHECKAUTH", format!("{url}?login")).send()?;
    assert_eq!(resp.status(), 401);
    Ok(())
 }
 #[rstest]
 fn auth_logout(
    #[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
-    let resp = fetch!(b"LOGOUT", &url).send()?;
+    let resp = fetch!(b"WRITEABLE", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = send_with_digest_auth(fetch!(b"LOGOUT", &url), "user", "pass")?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 403);
    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
@@ -202,10 +153,12 @@ fn auth_readonly(
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"GET", &url), "user2", "pass2")?;
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 200);
    let url = format!("{}file1", server.url());
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), "user2", "pass2")?;
+    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 403);
    Ok(())
 }
@@ -218,9 +171,13 @@ fn auth_nest(
    let url = format!("{}dir1/file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), "user3", "pass3")?;
+    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user3", "pass3")?;
    assert_eq!(resp.status(), 201);
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), "user", "pass")?;
+    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
@@ -262,11 +219,9 @@ fn auth_webdav_move(
 ) -> Result<(), Error> {
    let origin_url = format!("{}dir1/test.html", server.url());
    let new_url = format!("{}test2.html", server.url());
-    let resp = send_with_digest_auth(
+    let resp = fetch!(b"MOVE", &origin_url)
-        fetch!(b"MOVE", &origin_url).header("Destination", &new_url),
+        .header("Destination", &new_url)
-        "user3",
+        .send_with_digest_auth("user3", "pass3")?;
        "pass3",
    )?;
    assert_eq!(resp.status(), 403);
    Ok(())
 }
@@ -278,11 +233,9 @@ fn auth_webdav_copy(
 ) -> Result<(), Error> {
    let origin_url = format!("{}dir1/test.html", server.url());
    let new_url = format!("{}test2.html", server.url());
-    let resp = send_with_digest_auth(
+    let resp = fetch!(b"COPY", &origin_url)
-        fetch!(b"COPY", &origin_url).header("Destination", &new_url),
+        .header("Destination", &new_url)
-        "user3",
+        .send_with_digest_auth("user3", "pass3")?;
        "pass3",
    )?;
    assert_eq!(resp.status(), 403);
    Ok(())
 }
@@ -294,7 +247,7 @@ fn auth_path_prefix(
    let url = format!("{}xyz/index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
-    let resp = send_with_digest_auth(fetch!(b"GET", &url), "user", "pass")?;
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
@@ -303,15 +256,12 @@ fn auth_path_prefix(
 fn auth_partial_index(
    #[with(&["--auth", "user:pass@/dir1:rw,/dir2:rw", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
-    let resp = send_with_digest_auth(fetch!(b"GET", server.url()), "user", "pass")?;
+    let resp = fetch!(b"GET", server.url()).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    let paths = utils::retrieve_index_paths(&resp.text()?);
    assert_eq!(paths, IndexSet::from(["dir1/".into(), "dir2/".into()]));
-    let resp = send_with_digest_auth(
+    let resp = fetch!(b"GET", format!("{}?q={}", server.url(), "test.html"))
-        fetch!(b"GET", format!("{}?q={}", server.url(), "test.html")),
+        .send_with_digest_auth("user", "pass")?;
        "user",
        "pass",
    )?;
    assert_eq!(resp.status(), 200);
    let paths = utils::retrieve_index_paths(&resp.text()?);
    assert_eq!(
@@ -338,7 +288,7 @@ fn auth_propfind_dir(
    #[with(&["--auth", "admin:admin@/:rw", "--auth", "user:pass@/dir-assets", "-A"])]
    server: TestServer,
 ) -> Result<(), Error> {
-    let resp = send_with_digest_auth(fetch!(b"PROPFIND", server.url()), "user", "pass")?;
+    let resp = fetch!(b"PROPFIND", server.url()).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 207);
    let body = resp.text()?;
    assert!(body.contains("<D:href>/dir-assets/</D:href>"));
@@ -352,45 +302,34 @@ fn auth_data(
 ) -> Result<(), Error> {
    let resp = reqwest::blocking::get(server.url())?;
    let content = resp.text()?;
-    let json = utils::retrieve_json(&content).unwrap();
+    let json = utils::retrive_json(&content).unwrap();
    assert_eq!(json["allow_delete"], serde_json::Value::Bool(false));
    assert_eq!(json["allow_upload"], serde_json::Value::Bool(false));
    let resp = fetch!(b"GET", server.url())
        .basic_auth("user", Some("pass"))
        .send()?;
    let content = resp.text()?;
-    let json = utils::retrieve_json(&content).unwrap();
+    let json = utils::retrive_json(&content).unwrap();
    assert_eq!(json["allow_delete"], serde_json::Value::Bool(true));
    assert_eq!(json["allow_upload"], serde_json::Value::Bool(true));
    Ok(())
 }
 #[rstest]
-fn auth_shadow(
+fn auth_precedence(
-    #[with(&["--auth", "user:pass@/:rw", "-a", "@/dir1", "-A"])] server: TestServer,
+    #[with(&["--auth", "user:pass@/dir1:rw,/dir1/test.txt", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let url = format!("{}dir1/test.txt", server.url());
-    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    let resp = fetch!(b"PUT", &url)
-    assert_eq!(resp.status(), 401);
+        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 403);
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body(b"abc".to_vec()), "user", "pass")?;
+    let url = format!("{}dir1/file1", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    Ok(())
 }
 #[rstest]
 fn token_auth(#[with(&["-a", "user:pass@/"])] server: TestServer) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
    let url = format!("{}index.html?tokengen", server.url());
    let resp = fetch!(b"GET", &url)
        .basic_auth("user", Some("pass"))
        .send()?;
    let token = resp.text()?;
    let url = format!("{}index.html?token={token}", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 200);
    Ok(())
 }
--- a/tests/bind.rs
+++ b/tests/bind.rs
@@ -12,7 +12,7 @@ use std::process::{Command, Stdio};
 #[rstest]
 #[case(&["-b", "20.205.243.166"])]
 fn bind_fails(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    Command::new(assert_cmd::cargo::cargo_bin!())
+    Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
@@ -49,7 +49,7 @@ fn bind_ipv4_ipv6(
 #[case(&[] as &[&str])]
 #[case(&["--path-prefix", "/prefix"])]
 fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
--- a/tests/cache.rs
+++ b/tests/cache.rs
@@ -1,80 +0,0 @@
 mod fixtures;
 mod utils;
 use chrono::{DateTime, Duration};
 use fixtures::{server, Error, TestServer};
 use reqwest::header::{
    HeaderName, ETAG, IF_MATCH, IF_MODIFIED_SINCE, IF_NONE_MATCH, IF_UNMODIFIED_SINCE,
    LAST_MODIFIED,
 };
 use reqwest::StatusCode;
 use rstest::rstest;
 #[rstest]
 #[case(IF_UNMODIFIED_SINCE, Duration::days(1), StatusCode::OK)]
 #[case(IF_UNMODIFIED_SINCE, Duration::days(0), StatusCode::OK)]
 #[case(IF_UNMODIFIED_SINCE, Duration::days(-1), StatusCode::PRECONDITION_FAILED)]
 #[case(IF_MODIFIED_SINCE, Duration::days(1), StatusCode::NOT_MODIFIED)]
 #[case(IF_MODIFIED_SINCE, Duration::days(0), StatusCode::NOT_MODIFIED)]
 #[case(IF_MODIFIED_SINCE, Duration::days(-1), StatusCode::OK)]
 fn get_file_with_if_modified_since_condition(
    #[case] header_condition: HeaderName,
    #[case] duration_after_file_modified: Duration,
    #[case] expected_code: StatusCode,
    server: TestServer,
 ) -> Result<(), Error> {
    let resp = fetch!(b"HEAD", format!("{}index.html", server.url())).send()?;
    let last_modified = resp
        .headers()
        .get(LAST_MODIFIED)
        .and_then(|h| h.to_str().ok())
        .and_then(|s| DateTime::parse_from_rfc2822(s).ok())
        .expect("Received no valid last modified header");
    let req_modified_time = (last_modified + duration_after_file_modified)
        .format("%a, %d %b %Y %T GMT")
        .to_string();
    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
        .header(header_condition, req_modified_time)
        .send()?;
    assert_eq!(resp.status(), expected_code);
    Ok(())
 }
 fn same_etag(etag: &str) -> String {
    etag.to_owned()
 }
 fn different_etag(etag: &str) -> String {
    format!("{etag}1234")
 }
 #[rstest]
 #[case(IF_MATCH, same_etag, StatusCode::OK)]
 #[case(IF_MATCH, different_etag, StatusCode::PRECONDITION_FAILED)]
 #[case(IF_NONE_MATCH, same_etag, StatusCode::NOT_MODIFIED)]
 #[case(IF_NONE_MATCH, different_etag, StatusCode::OK)]
 fn get_file_with_etag_match(
    #[case] header_condition: HeaderName,
    #[case] etag_modifier: fn(&str) -> String,
    #[case] expected_code: StatusCode,
    server: TestServer,
 ) -> Result<(), Error> {
    let resp = fetch!(b"HEAD", format!("{}index.html", server.url())).send()?;
    let etag = resp
        .headers()
        .get(ETAG)
        .and_then(|h| h.to_str().ok())
        .expect("Received no valid etag header");
    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
        .header(header_condition, etag_modifier(etag))
        .send()?;
    assert_eq!(resp.status(), expected_code);
    Ok(())
 }
--- a/tests/cli.rs
+++ b/tests/cli.rs
@@ -11,10 +11,7 @@ use std::process::Command;
 #[test]
 /// Show help and exit.
 fn help_shows() -> Result<(), Error> {
-    Command::new(assert_cmd::cargo::cargo_bin!())
+    Command::cargo_bin("dufs")?.arg("-h").assert().success();
        .arg("-h")
        .assert()
        .success();
    Ok(())
 }
@@ -24,7 +21,7 @@ fn help_shows() -> Result<(), Error> {
 fn print_completions() -> Result<(), Error> {
    // let shell_enums = EnumValueParser::<Shell>::new();
    for shell in Shell::value_variants() {
-        Command::new(assert_cmd::cargo::cargo_bin!())
+        Command::cargo_bin("dufs")?
            .arg("--completions")
            .arg(shell.to_string())
            .assert()
--- a/tests/config.rs
+++ b/tests/config.rs
@@ -1,9 +1,9 @@
 mod digest_auth_util;
 mod fixtures;
 mod utils;
 use assert_cmd::prelude::*;
 use assert_fs::TempDir;
-use digest_auth_util::send_with_digest_auth;
+use diqwest::blocking::WithDigestAuth;
 use fixtures::{port, tmpdir, wait_for_port, Error};
 use rstest::rstest;
 use std::path::PathBuf;
@@ -12,7 +12,7 @@ use std::process::{Command, Stdio};
 #[rstest]
 fn use_config_file(tmpdir: TempDir, port: u16) -> Result<(), Error> {
    let config_path = get_config_path().display().to_string();
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
@@ -27,18 +27,20 @@ fn use_config_file(tmpdir: TempDir, port: u16) -> Result<(), Error> {
    assert_eq!(resp.status(), 401);
    let url = format!("http://localhost:{port}/dufs/index.html");
-    let resp = send_with_digest_auth(fetch!(b"GET", &url), "user", "pass")?;
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.text()?, "This is index.html");
    let url = format!("http://localhost:{port}/dufs?simple");
-    let resp = send_with_digest_auth(fetch!(b"GET", &url), "user", "pass")?;
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    let text: String = resp.text().unwrap();
    assert!(text.split('\n').any(|c| c == "dir1/"));
    assert!(!text.split('\n').any(|c| c == "dir3/"));
    assert!(!text.split('\n').any(|c| c == "test.txt"));
    let url = format!("http://localhost:{port}/dufs/dir1/upload.txt");
-    let resp = send_with_digest_auth(fetch!(b"PUT", &url).body("Hello"), "user", "pass")?;
+    let resp = fetch!(b"PUT", &url)
        .body("Hello")
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    child.kill()?;
--- a/tests/digest_auth_util.rs
+++ b/tests/digest_auth_util.rs
@@ -1,91 +0,0 @@
 /// Refs https://github.dev/maoertel/diqwest/blob/main/src/blocking.rs
 use anyhow::{anyhow, Result};
 use digest_auth::{AuthContext, AuthorizationHeader, HttpMethod};
 use hyper::{header::AUTHORIZATION, HeaderMap, StatusCode};
 use reqwest::blocking::{RequestBuilder, Response};
 use url::Position;
 pub fn send_with_digest_auth(
    request_builder: RequestBuilder,
    username: &str,
    password: &str,
 ) -> Result<Response> {
    let first_response = try_clone_request_builder(&request_builder)?.send()?;
    match first_response.status() {
        StatusCode::UNAUTHORIZED => {
            try_digest_auth(request_builder, first_response, username, password)
        }
        _ => Ok(first_response),
    }
 }
 fn try_digest_auth(
    request_builder: RequestBuilder,
    first_response: Response,
    username: &str,
    password: &str,
 ) -> Result<Response> {
    if let Some(answer) = get_answer(
        &request_builder,
        first_response.headers(),
        username,
        password,
    )? {
        return Ok(request_builder
            .header(AUTHORIZATION, answer.to_header_string())
            .send()?);
    };
    Ok(first_response)
 }
 fn try_clone_request_builder(request_builder: &RequestBuilder) -> Result<RequestBuilder> {
    request_builder
        .try_clone()
        .ok_or_else(|| anyhow!("Request body must not be a stream"))
 }
 fn get_answer(
    request_builder: &RequestBuilder,
    first_response: &HeaderMap,
    username: &str,
    password: &str,
 ) -> Result<Option<AuthorizationHeader>> {
    let answer = calculate_answer(request_builder, first_response, username, password);
    match answer {
        Ok(answer) => Ok(Some(answer)),
        Err(error) => Err(error),
    }
 }
 fn calculate_answer(
    request_builder: &RequestBuilder,
    headers: &HeaderMap,
    username: &str,
    password: &str,
 ) -> Result<AuthorizationHeader> {
    let request = try_clone_request_builder(request_builder)?.build()?;
    let path = &request.url()[Position::AfterPort..];
    let method = HttpMethod::from(request.method().as_str());
    let body = request.body().and_then(|b| b.as_bytes());
    parse_digest_auth_header(headers, path, method, body, username, password)
 }
 fn parse_digest_auth_header(
    header: &HeaderMap,
    path: &str,
    method: HttpMethod,
    body: Option<&[u8]>,
    username: &str,
    password: &str,
 ) -> Result<AuthorizationHeader> {
    let www_auth = header
        .get("www-authenticate")
        .ok_or_else(|| anyhow!("The header 'www-authenticate' is missing."))?
        .to_str()?;
    let context = AuthContext::new_with_method(username, password, path, body, method);
    let mut prompt = digest_auth::parse(www_auth)?;
    Ok(prompt.respond(&context)?)
 }
--- a/tests/fixtures.rs
+++ b/tests/fixtures.rs
@@ -1,3 +1,4 @@
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use assert_fs::prelude::*;
 use port_check::free_local_port;
@@ -64,7 +65,7 @@ pub fn tmpdir() -> TempDir {
        if *directory == DIR_ASSETS {
            tmpdir
                .child(format!("{}{}", directory, "index.html"))
-                .write_str("__ASSETS_PREFIX__index.js;<template id=\"index-data\">__INDEX_DATA__</template>")
+                .write_str("__ASSETS_PREFIX__index.js;DATA = __INDEX_DATA__")
                .unwrap();
        } else {
            for file in FILES {
@@ -128,7 +129,8 @@ where
 {
    let port = port();
    let tmpdir = tmpdir();
-    let child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let child = Command::cargo_bin("dufs")
        .expect("Couldn't find test binary")
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
@@ -144,14 +146,14 @@ where
    TestServer::new(port, tmpdir, child, is_tls)
 }
-/// Wait a max of 2s for the port to become available.
+/// Wait a max of 1s for the port to become available.
 pub fn wait_for_port(port: u16) {
    let start_wait = Instant::now();
    while !port_check::is_port_reachable(format!("localhost:{port}")) {
-        sleep(Duration::from_millis(250));
+        sleep(Duration::from_millis(100));
-        if start_wait.elapsed().as_secs() > 2 {
+        if start_wait.elapsed().as_secs() > 1 {
            panic!("timeout waiting for port {port}");
        }
    }
--- a/tests/health.rs
+++ b/tests/health.rs
@@ -1,31 +0,0 @@
 mod fixtures;
 mod utils;
 use fixtures::{server, Error, TestServer};
 use rstest::rstest;
 const HEALTH_CHECK_PATH: &str = "__dufs__/health";
 const HEALTH_CHECK_RESPONSE: &str = r#"{"status":"OK"}"#;
 #[rstest]
 fn normal_health(server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}{HEALTH_CHECK_PATH}", server.url()))?;
    assert_eq!(resp.text()?, HEALTH_CHECK_RESPONSE);
    Ok(())
 }
 #[rstest]
 fn auth_health(
    #[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer,
 ) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}{HEALTH_CHECK_PATH}", server.url()))?;
    assert_eq!(resp.text()?, HEALTH_CHECK_RESPONSE);
    Ok(())
 }
 #[rstest]
 fn path_prefix_health(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}xyz/{HEALTH_CHECK_PATH}", server.url()))?;
    assert_eq!(resp.text()?, HEALTH_CHECK_RESPONSE);
    Ok(())
 }
--- a/tests/http.rs
+++ b/tests/http.rs
@@ -4,7 +4,7 @@ mod utils;
 use fixtures::{server, Error, TestServer, BIN_FILE};
 use rstest::rstest;
 use serde_json::Value;
-use utils::retrieve_edit_file;
+use utils::retrive_edit_file;
 #[rstest]
 fn get_dir(server: TestServer) -> Result<(), Error> {
@@ -82,19 +82,6 @@ fn get_dir_simple(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    Ok(())
 }
 #[rstest]
 fn get_dir_noscript(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}?noscript", server.url()))?;
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("content-type").unwrap(),
        "text/html; charset=utf-8"
    );
    let text = resp.text().unwrap();
    assert!(text.contains(r#"<td><a href="index.html">index.html</a></td>"#));
    Ok(())
 }
 #[rstest]
 fn head_dir_zip(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"HEAD", format!("{}?zip", server.url())).send()?;
@@ -202,28 +189,6 @@ fn head_file(server: TestServer) -> Result<(), Error> {
    Ok(())
 }
 #[rstest]
 fn hash_file(#[with(&["--allow-hash"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}index.html?hash", server.url()))?;
    assert_eq!(
        resp.headers().get("content-type").unwrap(),
        "text/html; charset=utf-8"
    );
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.text()?,
        "c8dd395e3202674b9512f7b7f956e0d96a8ba8f572e785b0d5413ab83766dbc4"
    );
    Ok(())
 }
 #[rstest]
 fn no_hash_file(server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}index.html?hash", server.url()))?;
    assert_eq!(resp.status(), 403);
    Ok(())
 }
 #[rstest]
 fn get_file_404(server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(format!("{}404", server.url()))?;
@@ -258,7 +223,7 @@ fn get_file_newline_path(server: TestServer) -> Result<(), Error> {
 fn get_file_edit(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}index.html?edit", server.url())).send()?;
    assert_eq!(resp.status(), 200);
-    let editable = retrieve_edit_file(&resp.text().unwrap()).unwrap();
+    let editable = retrive_edit_file(&resp.text().unwrap()).unwrap();
    assert!(editable);
    Ok(())
 }
@@ -267,7 +232,7 @@ fn get_file_edit(server: TestServer) -> Result<(), Error> {
 fn get_file_edit_bin(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}{BIN_FILE}?edit", server.url())).send()?;
    assert_eq!(resp.status(), 200);
-    let editable = retrieve_edit_file(&resp.text().unwrap()).unwrap();
+    let editable = retrive_edit_file(&resp.text().unwrap()).unwrap();
    assert!(!editable);
    Ok(())
 }
@@ -285,9 +250,12 @@ fn options_dir(server: TestServer) -> Result<(), Error> {
    assert_eq!(resp.status(), 200);
    assert_eq!(
        resp.headers().get("allow").unwrap(),
-        "GET,HEAD,PUT,OPTIONS,DELETE,PATCH,PROPFIND,COPY,MOVE,CHECKAUTH,LOGOUT"
+        "GET,HEAD,PUT,OPTIONS,DELETE,PATCH,PROPFIND,COPY,MOVE"
    );
    assert_eq!(
        resp.headers().get("dav").unwrap(),
        "1, 2, 3, sabredav-partialupdate"
    );
    assert_eq!(resp.headers().get("dav").unwrap(), "1, 2, 3");
    Ok(())
 }
--- a/tests/http_logger.rs
+++ b/tests/http_logger.rs
@@ -1,10 +1,10 @@
 mod digest_auth_util;
 mod fixtures;
 mod utils;
-use digest_auth_util::send_with_digest_auth;
+use diqwest::blocking::WithDigestAuth;
 use fixtures::{port, tmpdir, wait_for_port, Error};
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use rstest::rstest;
 use std::io::Read;
@@ -19,7 +19,7 @@ fn log_remote_user(
    #[case] args: &[&str],
    #[case] is_basic: bool,
 ) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
@@ -31,12 +31,12 @@ fn log_remote_user(
    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
-    let req_builder = fetch!(b"GET", &format!("http://localhost:{port}"));
+    let req = fetch!(b"GET", &format!("http://localhost:{port}"));
    let resp = if is_basic {
-        req_builder.basic_auth("user", Some("pass")).send()?
+        req.basic_auth("user", Some("pass")).send()?
    } else {
-        send_with_digest_auth(req_builder, "user", "pass")?
+        req.send_with_digest_auth("user", "pass")?
    };
    assert_eq!(resp.status(), 200);
@@ -54,7 +54,7 @@ fn log_remote_user(
 #[rstest]
 #[case(&["--log-format", ""])]
 fn no_log(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path())
        .arg("-p")
        .arg(port.to_string())
--- a/tests/range.rs
+++ b/tests/range.rs
@@ -2,7 +2,7 @@ mod fixtures;
 mod utils;
 use fixtures::{server, Error, TestServer};
-use reqwest::header::{HeaderMap, HeaderName, HeaderValue};
+use reqwest::header::HeaderValue;
 use rstest::rstest;
 #[rstest]
@@ -39,68 +39,3 @@ fn get_file_range_invalid(server: TestServer) -> Result<(), Error> {
    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes */18");
    Ok(())
 }
 fn parse_multipart_body<'a>(body: &'a str, boundary: &str) -> Vec<(HeaderMap, &'a str)> {
    body.split(&format!("--{boundary}"))
        .filter(|part| !part.is_empty() && *part != "--\r\n")
        .map(|part| {
            let (head, body) = part.trim_ascii().split_once("\r\n\r\n").unwrap();
            let headers = head
                .split("\r\n")
                .fold(HeaderMap::new(), |mut headers, header| {
                    let (key, value) = header.split_once(":").unwrap();
                    let key = HeaderName::from_bytes(key.as_bytes()).unwrap();
                    let value = HeaderValue::from_str(value.trim_ascii_start()).unwrap();
                    headers.insert(key, value);
                    headers
                });
            (headers, body)
        })
        .collect()
 }
 #[rstest]
 fn get_file_multipart_range(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
        .header("range", HeaderValue::from_static("bytes=0-11, 6-17"))
        .send()?;
    assert_eq!(resp.status(), 206);
    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
    let content_type = resp
        .headers()
        .get("content-type")
        .unwrap()
        .to_str()?
        .to_string();
    assert!(content_type.starts_with("multipart/byteranges; boundary="));
    let boundary = content_type.split_once('=').unwrap().1.trim_ascii_start();
    assert!(!boundary.is_empty());
    let body = resp.text()?;
    let parts = parse_multipart_body(&body, boundary);
    assert_eq!(parts.len(), 2);
    let (headers, body) = &parts[0];
    assert_eq!(headers.get("content-range").unwrap(), "bytes 0-11/18");
    assert_eq!(*body, "This is inde");
    let (headers, body) = &parts[1];
    assert_eq!(headers.get("content-range").unwrap(), "bytes 6-17/18");
    assert_eq!(*body, "s index.html");
    Ok(())
 }
 #[rstest]
 fn get_file_multipart_range_invalid(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
        .header("range", HeaderValue::from_static("bytes=0-6, 20-30"))
        .send()?;
    assert_eq!(resp.status(), 416);
    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes */18");
    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
    assert_eq!(resp.headers().get("content-length").unwrap(), "0");
    Ok(())
 }
--- a/tests/single_file.rs
+++ b/tests/single_file.rs
@@ -3,6 +3,7 @@
 mod fixtures;
 mod utils;
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
 use fixtures::{port, tmpdir, wait_for_port, Error};
 use rstest::rstest;
@@ -11,7 +12,7 @@ use std::process::{Command, Stdio};
 #[rstest]
 #[case("index.html")]
 fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path().join(file))
        .arg("-p")
        .arg(port.to_string())
@@ -34,7 +35,7 @@ fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Err
 #[rstest]
 #[case("index.html")]
 fn path_prefix_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
-    let mut child = Command::new(assert_cmd::cargo::cargo_bin!())
+    let mut child = Command::cargo_bin("dufs")?
        .arg(tmpdir.path().join(file))
        .arg("-p")
        .arg(port.to_string())
--- a/tests/tls.rs
+++ b/tests/tls.rs
@@ -1,6 +1,7 @@
 mod fixtures;
 mod utils;
 use assert_cmd::Command;
 use fixtures::{server, Error, TestServer};
 use predicates::str::contains;
 use reqwest::blocking::ClientBuilder;
@@ -24,7 +25,7 @@ use crate::fixtures::port;
 ]))]
 fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
    let client = ClientBuilder::new()
-        .tls_danger_accept_invalid_certs(true)
+        .danger_accept_invalid_certs(true)
        .build()?;
    let resp = client.get(server.url()).send()?.error_for_status()?;
    assert_resp_paths!(resp);
@@ -35,7 +36,7 @@ fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
 #[rstest]
 fn wrong_path_cert() -> Result<(), Error> {
    let port = port().to_string();
-    assert_cmd::cargo::cargo_bin_cmd!()
+    Command::cargo_bin("dufs")?
        .args([
            "--tls-cert",
            "wrong",
@@ -46,7 +47,7 @@ fn wrong_path_cert() -> Result<(), Error> {
        ])
        .assert()
        .failure()
-        .stderr(contains("Failed to load cert file at `wrong`"));
+        .stderr(contains("Failed to access `wrong`"));
    Ok(())
 }
@@ -55,7 +56,7 @@ fn wrong_path_cert() -> Result<(), Error> {
 #[rstest]
 fn wrong_path_key() -> Result<(), Error> {
    let port = port().to_string();
-    assert_cmd::cargo::cargo_bin_cmd!()
+    Command::cargo_bin("dufs")?
        .args([
            "--tls-cert",
            "tests/data/cert.pem",
@@ -66,7 +67,7 @@ fn wrong_path_key() -> Result<(), Error> {
        ])
        .assert()
        .failure()
-        .stderr(contains("Failed to load key file at `wrong`"));
+        .stderr(contains("Failed to access `wrong`"));
    Ok(())
 }
--- a/tests/utils.rs
+++ b/tests/utils.rs
@@ -1,4 +1,3 @@
 use base64::{engine::general_purpose::STANDARD, Engine as _};
 use indexmap::IndexSet;
 use serde_json::Value;
@@ -27,7 +26,7 @@ macro_rules! fetch {
 #[allow(dead_code)]
 pub fn retrieve_index_paths(content: &str) -> IndexSet<String> {
-    let value = retrieve_json(content).unwrap();
+    let value = retrive_json(content).unwrap();
    let paths = value
        .get("paths")
        .unwrap()
@@ -48,8 +47,8 @@ pub fn retrieve_index_paths(content: &str) -> IndexSet<String> {
 }
 #[allow(dead_code)]
-pub fn retrieve_edit_file(content: &str) -> Option<bool> {
+pub fn retrive_edit_file(content: &str) -> Option<bool> {
-    let value = retrieve_json(content).unwrap();
+    let value = retrive_json(content)?;
    let value = value.get("editable").unwrap();
    Some(value.as_bool().unwrap())
 }
@@ -61,22 +60,10 @@ pub fn encode_uri(v: &str) -> String {
 }
 #[allow(dead_code)]
-pub fn retrieve_json(content: &str) -> Option<Value> {
+pub fn retrive_json(content: &str) -> Option<Value> {
    let lines: Vec<&str> = content.lines().collect();
-    let start_tag = "<template id=\"index-data\">";
+    let line = lines.iter().find(|v| v.contains("DATA ="))?;
-    let end_tag = "</template>";
+    let line_col = line.find("DATA =").unwrap() + 6;
-
+    let value: Value = line[line_col..].parse().unwrap();
    let line = lines.iter().find(|v| v.contains(start_tag))?;
    let start_index = line.find(start_tag)?;
    let start_content_index = start_index + start_tag.len();
    let end_index = line[start_content_index..].find(end_tag)?;
    let end_content_index = start_content_index + end_index;
    let value = &line[start_content_index..end_content_index];
    let value = STANDARD.decode(value).ok()?;
    let value = serde_json::from_slice(&value).ok()?;
    Some(value)
 }
--- a/tests/webdav.rs
+++ b/tests/webdav.rs
@@ -40,17 +40,6 @@ fn propfind_dir_depth0(server: TestServer) -> Result<(), Error> {
    Ok(())
 }
 #[rstest]
 fn propfind_dir_depth2(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"PROPFIND", format!("{}dir1", server.url()))
        .header("depth", "2")
        .send()?;
    assert_eq!(resp.status(), 400);
    let body = resp.text()?;
    assert_eq!(body, "Invalid depth: only 0 and 1 are allowed.");
    Ok(())
 }
 #[rstest]
 fn propfind_404(server: TestServer) -> Result<(), Error> {
    let resp = fetch!(b"PROPFIND", format!("{}404", server.url())).send()?;
Author	SHA1	Message	Date
sigoden	22cf74e3c0	update deps	2024-02-13 03:16:57 +00:00
sigoden	6a6ac37be4	chore: release v0.40.0	2024-02-13 01:19:40 +00:00