webdav upload fix

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• add --nsort and volflag nsort to default-enable natural sort of filenames with leading digits 8f7ffcf
• video-player: support .mov files which contain browser-native codecs 2d0cbdf

🩹 bugfixes

• #119 v1.16.0 broke webdav uploads from rclone and possibly other clients 7dfbfc7
  • a collection of webdav unittests will be added soon to prevent similar issues in the future
• #118 ip-ranges can be mixed with lan when specifying the list of trusted proxies for x-forwarded-for with --xff-src
  • found and fixed by @codemicro (thx!) 0e31cfa
• ux:
  • in the grid-view, markdown files would open in the generic text viewer 520ac8f
  • qr-codes (create-share, view-share) didn't render on chrome db069c3
  • qr-codes could cause layout-shifting 5afb562
  • fix layout-shifting for ongoing downloads in controlpanel 9c8507a
  • cosmetic eta jank b10843d

🔧 other changes

• upto 7% faster folder listings due to refactoring for more ux knobs 0c43b59
• fix resource leaks (only affected tests/debug) 2ab8924

---

⚠️ not the latest version!

cbz thumbnails

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• thumbnails of .cbz manga archives 4d15dd6

🩹 bugfixes

• when running with -j0, download-ETA could break in complex volume layouts 10fc476
• linking to the image gallery didn't quite work if multiselect was enabled 56a0499
• password-hashing parameters (cpu/ram cost) could not be customized 1f17752
  • the defaults must be perfect considering nobody ever tried changing them ¯\(ツ)/¯

🔧 other changes

• add intentional crash on startup if two volumes are configured to use the same histpath 2b63d7d
  • prevents funky deadlocks and an eventual database loss in case of a no-thoughts-head-empty moment, purely hypothetical of course 🗿

---

⚠️ not the latest version!

COPYparty

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• #46 #115 copy/paste files and folders cacec9c
  • cut/paste still exists, but now you can copy too
  • with a UI to rename files in case of filename collisions 56317b0
  • files are created according to the dedup settings in the target volume (either full copies or symlinks/hardlinks)
• show currently active downloads in the controlpanel 8aba5ae
  • can be made admin-only with --dl-list=1 or disabled with --dl-list=0
  • hides filenames of hidden files, and files from volumes where the viewer doesn't have access
• #114 async reinit on new IdP users 44ee07f
  • new IdP users can now always auth, even while a filesystem reindex is running
• ux:
  • remember batch-rename settings from last time 6a8d5e1
  • URL parameters to force grid/thumbs on/off 5718caa

🩹 bugfixes

• folders that fail to list due to a corrupt HDD/filesystem will now return a 404 instead of an empty listing 119e88d
  • also fixes similar issues in u2c and partyfuse
• u2c (commandline uploader): detect and adapt to proxies with short connection keepalives c784e52
• ui/ux:
  • show the "switch-to-https" button in 404-messages too efd8a32
  • the folder-loading indicator could steal keyboard focus d9962f6
  • hotkey-help was very trigger-happy 71d9e01

🔧 other changes

• choose more conservative defaults when server has less than 1 GiB RAM 2bf9055
  • runs okay down to 128 MiB, but thumbnails die below 256 MiB
• update the comparison to similar software after years of optimizations on both sides 0ce7cf5

---

⚠️ not the latest version!

temporary upload links

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• shares can now be uploaded into, and unpost works too 4bdcbc1
  • useful to create temporary URLs for other people to upload to
  • shares can be write-only, so visitors can't browse or see any files
• #110 HTTP 304 (caching):
  • support If-Range for HTTP 206 159f51b
  • add server-side and client-side options to force-disable cache dd6dbdd
    • --no304=1 shows a button in the controlpanel to disable caching
    • --no304=2 makes that button auto-enabled
    • even when --no304 is not specified, accessing the URL /?setck=no304=y force-disables cache
    • when cache is force-disabled, browsers will waste a lot of network traffic / data usage
    • might help to avoid bugs in browsers or proxies, for example if media files suddenly stop loading
      • but such bugs should be exceedingly rare, so do not enable this unless actually necessary

🩹 bugfixes

• #110 HTTP 304 (caching):
  • remove Content-Length and Content-Type response headers from 304 replies 9124023
    • browsers don't need these, and some middlewares might get confused if they're present
• #113 fix crash on startup if -j0 was combined with --ipa or --ipu 3a0d882
• #111 fix javascript crash if --u2sz was set to an invalid value b13899c

🔧 other changes

• #110 HTTP 304 (caching):
  • never automatically enable k304 because the Vary header killed support for caching in msie anyways 63013cc
  • change time comparison for If-Modified-Since to require an exact timestamp match, instead of the intended "modified since". This technically violates the http-spec, but should be safer for backdating file mtimes 159f51b
• new option --ohead to log response headers 7678a91
• added nintendo 3ds to the list of supported browsers cb81f0a

---

⚠️ not the latest version!

rss server

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• #109 rss feed generator 7ffd805
  • monitor folders recursively with RSS readers

🩹 bugfixes

• #107 --df diskspace limits was incompatible with webdav 2a570bb
• #108 up2k javascript crash (only affected the Chinese translation) a7e2a0c

🔧 other changes

• up2k: detect buggy webworkers 5ca8f07
• up2k: improve upload retry/timeout logic a9b4436
  • js: make handshake retries more aggressive
  • u2c: reduce chunks timeout + ^
  • main: reduce tcp timeout to 128sec (js is 42s)
  • httpcli: less confusing log messages

---

⚠️ not the latest version!

the sky is the limit

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• subchunks; avoid the Cloudflare filesize limit entirely fc8298c 48147c0
  • the previous max filesize was 383.9 GiB, now only the sky is the limit
  • if you're using another proxy with a more restrictive limit than Cloudflare's 100 MiB, for example 64 MiB, then --u2sz 1,64,64
• m4v videos can be played in the gallery ff0a71f

🩹 bugfixes

• up2k: uploading duplicate files could initially fail (but would succeed after a few automatic retries) due to a toctou 114b71b
• u2c / commandline uploader:
  • directory scanner got stuck if it found a FIFO cba1878
  • excessive number of FDs when uploading large files 65a2b6a
  • chunksize calculation; only affected files exactly 128 GiB large a2e037d
  • support filenames with newlines and invalid utf-8 b2770a2
    • invalid utf-8 is replaced by ? when they hit the server

🔧 other changes

• don't show the toast countdown bar if duration is infinite 22dfc6e
• chickenbit to disable the browser's built-in sha512 implementation and force the bundled wasm instead d715479

---

⚠️ not the latest version!

the 'a' in "ip address" stands for authentication

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• cidr-based autologin b7f9bf5
  • map a cidr ip-range to a username; anyone connecting from that ip-range will autologin as that user
  • thx to @byteturtle for the idea!
• u2c / commandline uploader:
  • option --chs to list individual chunk hashes cf1b756
  • fix progress indicator when resuming an upload 53ffd24
• up2k: verbose logging of detected/corrected bitflips ee62836
  • foreshadowing intensifies (story still developing)

🩹 bugfixes

• up2k with database disabled / running without -e2d 705f598
  • respect noforget when loading snaps
  • ...but actually forget deleted files otherwise
  • snap-loader adds empty need/hash entries as necessary

🔧 other changes

• authed users can now unpost recent uploads of unauthed users from the same IP 22b58e3
  • would have become problematic now that cidr-based autologin is a thing

---

⚠️ not the latest version!

preadme

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• #105 files named preadme.md appear at the top of directory listings 1d68acf
• entirely disable dedup with --no-clone / volflag noclone 3d7facd 6b7ebdb
  • even if a file exists for sure on the server HDD, let the client continue uploading instead of reusing the existing data
  • using this option "never" makes sense, unless you're using something like S3 Glacier storage where reading is really expensive but writing is cheap

🩹 bugfixes

• up2k jank after detecting a bitflip or network glitch 4a4ec88
  • instead of resuming the interrupted upload like it should, the upload client could get stuck or start over
• #104 support viewing dotfile documents when dotfiles are hidden 9ccd8bb
• fix a buttload of typos 6adc778 1e7697b

---

⚠️ not the latest version!

pyz all the cores

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🩹 bugfixes

• the pkgres / pyz changes in 1.15.4 broke multiprocessing c398553

🔧 other changes

• pyz: drop easymde to save some bytes + make it a tiny bit faster

---

⚠️ not the latest version!

hermetic

• read-only demo server at https://a.ocv.me/pub/demo/
• docker image ╱ similar software ╱ client testbed

there is a discord server with an @everyone in case of future important updates, such as vulnerabilities (most recently 2023-07-23)

recent important news

• v1.15.0 (2024-09-08) changed upload deduplication to be default-disabled
• v1.14.3 (2024-08-30) fixed a bug that was introduced in v1.13.8 (2024-08-13); this bug could lead to data loss -- see the v1.14.3 release-notes for details

🧪 new features

• u2c (commandline uploader):
  • remove all dependencies; now entirely self-contained 9daeed9
    • made it 3x faster for small files, 2x faster in general
  • improve -x behavior to not traverse into excluded folders b9c5c7b
• partyfuse (fuse client; mount a copyparty server as a local filesystem):
  • 9x faster directory listings 03f0f99
  • 4x faster downloads on high-latency connections 847a2bd
  • embed fuse.py (its only dependency) -- can be downloaded from the connect-page 44f2b63
  • support mounting nginx and iis servers too, not just copyparty c81e898
• reduce ram usage down to 10% when running without -e2d 88a1c5c
  • does not affect servers with -e2d enabled (was already optimal)
• share folders as qr-codes e454206
  • when creating a share, you get a qr-code for quick access
  • buttons in the shares controlpanel to reshow it, optionally with the password embedded into the qr-code
• #98 read embedded webdeps and templates with pkg_resources; thx @shizmob! a462a64 d866841
  • copyparty.pyz now runs straight from the source file without unpacking anything to disk
    • ...and is now much slower at returning resource GETs, but that is fine
• og / opengraph / discord embeds: support filekeys ae98200
• add option for natural sorting; thx @oshiteku! 9804f25
• eyecandy timer bar on toasts 0dfe1d5
• smb-server: impacket 0.12 is out! dc4d0d8
  • now possible to list folders with more than 400 files (it's REALLY slow)

🩹 bugfixes

• webdav:
  • support <allprop/> in propfind dc157fa
  • list volumes when root is unmapped 480ac25
    • previously, clients couldn't connect to the root of a copyparty server unless a volume existed at /
• #101 show .prologue.html and .epilogue.html in directory listings even if user cannot see hidden files 21be82e
• #100 confusing toast when pressing F2 without selecting anything 2715ee6
• fix prometheus metrics 678675a

🔧 other changes

• #100 allow uploading .prologue.html and .epilogue.html 19a5985
• #102 make translation easier when running in docker

---

⚠️ not the latest version!