sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-08 16:49:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

[GH-ISSUE #263] webDAV: Disclosure of file names in directories on the path. #137

New Issue
Closed
opened 2026-04-08 16:50:37 +03:00 by zhus · 1 comment
zhus commented 2026-04-08 16:50:37 +03:00
Owner
Copy Link

Originally created by @289699522 on GitHub (Sep 6, 2023).
Original GitHub issue: https://github.com/sigoden/dufs/issues/263

Problem

When I use dufs -a user1:pass1@/dir1/dir2/dir3 , under normal circumstances , user1 don't have permission to list files under /dir1 and /dir1/dir2 , but when I access the above directories through webDAV, user1 can list the files and dictionaries under /dir1 and /dir1/dir2.

Log

Log shows status Code is 207.

Environment:

  • Dufs version: v0.36.0
  • Browser/Webdav Info:
  • OS Info:
Originally created by @289699522 on GitHub (Sep 6, 2023). Original GitHub issue: https://github.com/sigoden/dufs/issues/263 **Problem** When I use `dufs -a user1:pass1@/dir1/dir2/dir3` , under normal circumstances , user1 don't have permission to list files under `/dir1` and `/dir1/dir2` , but when I access the above directories through webDAV, user1 can list the files and dictionaries under `/dir1` and `/dir1/dir2`. **Log** Log shows status Code is 207. **Environment:** - Dufs version: [v0.36.0](https://github.com/sigoden/dufs/releases/tag/v0.36.0) - Browser/Webdav Info: - OS Info:
zhus closed this issue 2026-04-08 16:50:37 +03:00
zhus commented 2026-04-08 16:50:37 +03:00
Author
Owner
Copy Link

@sigoden commented on GitHub (Sep 6, 2023):

Webdav must be designed like this.

This is because some webdav clients do not carry the Authorization header when listing files.

<!-- gh-comment-id:1708516517 --> @sigoden commented on GitHub (Sep 6, 2023): Webdav must be designed like this. This is because some webdav clients do not carry the Authorization header when listing files.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zhus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sigoden/dufs#137
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?