sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-08 16:49:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

[GH-ISSUE #495] Authorization does not work #278

New Issue
Closed
opened 2026-04-08 16:51:40 +03:00 by zhus · 2 comments
zhus commented 2026-04-08 16:51:40 +03:00
Owner
Copy Link

Originally created by @estepnv on GitHub (Dec 9, 2024).
Original GitHub issue: https://github.com/sigoden/dufs/issues/495

Problem

the authorization does not work for browser app, the server does not force me to submit http basic creds.
also I use ubuntu nautilus webdav capabilities, and it looks like it simply ignores the auth config too, allowing me to browse files without specifying creds. but it forces me to specify creds for obsidian remotelysave plugin webdav option.
also the app ignores render-index or render-spa configs. no matter what's specified, it serves the web app.

am I doing something wrong?
any clues on how to setup this properly?

thanks

Configuration
via env variables

          "TZ": "Europe/Moscow"
          "DUFS_AUTH": "{{dufs_eugene_username}}:{{dufs_eugene_password}}@/eugene:rw"
          "DUFS_AUTH_METHOD": "digest"
          "DUFS_RENDER_SPA": "false"
          "DUFS_RENDER_INDEX": "false"
          "DUFS_RENDER_TRY_INDEX": "false"
          "DUFS_ENABLE_CORS": "false"
          "DUFS_ALLOW_ALL": "false"
          "DUFS_ALLOW_UPLOAD": "true"
          "DUFS_ALLOW_DELETE": "true"
          "DUFS_ALLOW_SEARCH": "true"
          "DUFS_ALLOW_SYMLINK": "true"
          "DUFS_ALLOW_ARCHIVE": "true"

Screenshots/Media

Environment Information

  • Dufs version: 0.41.0
  • Browser/Webdav info: brave latest
  • OS info: ubuntu 24.04
  • Proxy server (if any): traefik 3
Originally created by @estepnv on GitHub (Dec 9, 2024). Original GitHub issue: https://github.com/sigoden/dufs/issues/495 **Problem** the authorization does not work for browser app, the server does not force me to submit http basic creds. also I use ubuntu nautilus webdav capabilities, and it looks like it simply ignores the auth config too, allowing me to browse files without specifying creds. but it forces me to specify creds for obsidian remotelysave plugin webdav option. also the app ignores render-index or render-spa configs. no matter what's specified, it serves the web app. am I doing something wrong? any clues on how to setup this properly? thanks **Configuration** via env variables ``` "TZ": "Europe/Moscow" "DUFS_AUTH": "{{dufs_eugene_username}}:{{dufs_eugene_password}}@/eugene:rw" "DUFS_AUTH_METHOD": "digest" "DUFS_RENDER_SPA": "false" "DUFS_RENDER_INDEX": "false" "DUFS_RENDER_TRY_INDEX": "false" "DUFS_ENABLE_CORS": "false" "DUFS_ALLOW_ALL": "false" "DUFS_ALLOW_UPLOAD": "true" "DUFS_ALLOW_DELETE": "true" "DUFS_ALLOW_SEARCH": "true" "DUFS_ALLOW_SYMLINK": "true" "DUFS_ALLOW_ARCHIVE": "true" ``` **Screenshots/Media** <!-- If applicable, add screenshots or videos that help illustrate the issue, especially for WebUI problems. --> **Environment Information** - Dufs version: 0.41.0 - Browser/Webdav info: brave latest - OS info: ubuntu 24.04 - Proxy server (if any): traefik 3
zhus closed this issue 2026-04-08 16:51:40 +03:00
zhus commented 2026-04-08 16:51:41 +03:00
Author
Owner
Copy Link

@sigoden commented on GitHub (Dec 9, 2024):

the authorization does not work for browser app, the server does not force me to submit http basic creds.

If the request does not include authorization, dufs will return a 401 status code, the browser will prompt the user to enter a username and password. This process is ensured by the browser and is unrelated to dufs.

also I use ubuntu nautilus webdav capabilities, and it looks like it simply ignores the auth config too, allowing me to browse files without specifying creds.

Some WebDAV clients do not send credentials by default. This is why some users reported #467.

Also the app ignores render-index or render-spa configs.

WebDAV doesn't support such features; they are browser-only.

Dufs is a mature project, and all functions have been tested. There shouldn't be any obvious authorization issues. If there are issues, it's mostly a problem on your end; you need to resolve it yourself.

<!-- gh-comment-id:2526499197 --> @sigoden commented on GitHub (Dec 9, 2024): > the authorization does not work for browser app, the server does not force me to submit http basic creds. If the request does not include authorization, dufs will return a 401 status code, the browser will prompt the user to enter a username and password. This process is ensured by the browser and is unrelated to dufs. > also I use ubuntu nautilus webdav capabilities, and it looks like it simply ignores the auth config too, allowing me to browse files without specifying creds. Some WebDAV clients do not send credentials by default. This is why some users reported #467. > Also the app ignores render-index or render-spa configs. WebDAV doesn't support such features; they are browser-only. Dufs is a mature project, and all functions have been tested. There shouldn't be any obvious authorization issues. If there are issues, it's mostly a problem on your end; you need to resolve it yourself.
zhus commented 2026-04-08 16:51:41 +03:00
Author
Owner
Copy Link

@estepnv commented on GitHub (Dec 9, 2024):

thanks for reply

<!-- gh-comment-id:2529108190 --> @estepnv commented on GitHub (Dec 9, 2024): thanks for reply
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zhus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sigoden/dufs#278
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?