copyparty 1.19.6__py3-none-any.whl → 1.19.8__py3-none-any.whl

copyparty/httpcli.py

@@ -562,7 +562,7 @@ class HttpCli(object):
                 return False
             zsll = [x.split("=", 1) for x in zso.split(";") if "=" in x]
             cookies = {k.strip(): unescape_cookie(zs) for k, zs in zsll}
-            cookie_pw = cookies.get("cppws") or cookies.get("cppwd") or ""
+            cookie_pw = cookies.get("cppws" if self.is_https else "cppwd") or ""
             if "b" in cookies and "b" not in uparam:
                 uparam["b"] = cookies["b"]
             if len(cookies) > self.args.cookie_nmax:
@@ -685,7 +685,7 @@ class HttpCli(object):
                 if idp_usr in self.asrv.vfs.aread:
                     self.pw = ""
                     self.uname = idp_usr
-                    if self.args.ao_have_pw:
+                    if self.args.ao_have_pw or self.args.idp_logout:
                         self.html_head += "<script>var is_idp=1</script>\n"
                     else:
                         self.html_head += "<script>var is_idp=2</script>\n"
@@ -1250,7 +1250,7 @@ class HttpCli(object):
 
             res_path = "web/" + self.vpath[5:]
             if res_path in RES:
-                ap = os.path.join(self.E.mod, res_path)
+                ap = self.E.mod_ + res_path
                 if bos.path.exists(ap) or bos.path.exists(ap + ".gz"):
                     return self.tx_file(ap)
                 else:
@@ -1627,7 +1627,14 @@ class HttpCli(object):
             self.log("inaccessible: %r" % ("/" + self.vpath,))
             raise Pebkac(401, "authenticate")
 
-        if "quota-available-bytes" in props and not self.args.nid:
+        zi = vn.flags["du_iwho"] if "quota-available-bytes" in props else 0
+        if zi and (
+            zi == 9
+            or (zi == 7 and self.uname != "*")
+            or (zi == 5 and self.can_write)
+            or (zi == 4 and self.can_write and self.can_read)
+            or (zi == 3 and self.can_admin)
+        ):
             bfree, btot, _ = get_df(vn.realpath, False)
             if btot:
                 df = {
@@ -2319,12 +2326,7 @@ class HttpCli(object):
         at = mt = time.time() - lifetime
         cli_mt = self.headers.get("x-oc-mtime")
         if cli_mt:
-            try:
-                mt = int(cli_mt)
-                times = (int(time.time()), mt)
-                bos.utime(path, times, False)
-            except:
-                pass
+            bos.utime_c(self.log, path, int(cli_mt), False)
 
         if nameless and "magic" in vfs.flags:
             try:
@@ -3042,7 +3044,7 @@ class HttpCli(object):
             self.asrv.forget_session(self.conn.hsrv.broker, self.uname)
         self.get_pwd_cookie("x")
 
-        dst = self.args.SRS + "?h"
+        dst = self.args.idp_logout or (self.args.SRS + "?h")
         h2 = '<a href="' + dst + '">continue</a>'
         html = self.j2s("msg", h1="ok bye", h2=h2, redir=dst)
         self.reply(html.encode("utf-8"))
@@ -3055,6 +3057,11 @@ class HttpCli(object):
             uname = self.asrv.iacct.get(hpwd)
             if uname:
                 pwd = self.asrv.ases.get(uname) or pwd
+        if uname and self.conn.hsrv.ipr:
+            znm = self.conn.hsrv.ipr.get(uname)
+            if znm and not znm.map(self.ip):
+                self.log("username [%s] rejected by --ipr" % (self.uname,), 3)
+                uname = ""
         if uname:
             msg = "hi " + uname
             dur = int(60 * 60 * self.args.logout)
@@ -4995,10 +5002,20 @@ class HttpCli(object):
         else:
             rip = host
 
+        defpw = "dave:hunter2" if self.args.usernames else "hunter2"
+
         vp = (self.uparam["hc"] or "").lstrip("/")
-        pw = self.ouparam.get("pw") or "hunter2"
+        pw = self.ouparam.get("pw") or defpw
         if pw in self.asrv.sesa:
-            pw = "hunter2"
+            pw = defpw
+
+        unpw = pw
+        try:
+            un, pw = unpw.split(":")
+        except:
+            un = ""
+            if self.args.usernames:
+                un = "dave"
 
         html = self.j2s(
             "svcs",
@@ -5012,7 +5029,10 @@ class HttpCli(object):
             host=html_sh_esc(host),
             hport=html_sh_esc(hport),
             aname=aname,
+            b_un=("<b>%s</b>" % (html_sh_esc(un),)) if un else "k",
+            un=html_sh_esc(un),
             pw=html_sh_esc(pw),
+            unpw=html_sh_esc(unpw),
         )
         self.reply(html.encode("utf-8"))
         return True
@@ -5136,6 +5156,11 @@ class HttpCli(object):
         elif nre:
             re_btn = "&re=%s" % (nre,)
 
+        zi = self.args.ver_iwho
+        show_ver = zi and (
+            zi == 9 or (zi == 6 and self.uname != "*") or (zi == 3 and avol)
+        )
+
         html = self.j2s(
             "splash",
             this=self,
@@ -5158,7 +5183,7 @@ class HttpCli(object):
             no304=self.no304(),
             k304vis=self.args.k304 > 0,
             no304vis=self.args.no304 > 0,
-            ver=S_VERSION if self.args.ver else "",
+            ver=S_VERSION if show_ver else "",
             chpw=self.args.chpw and self.uname != "*",
             ahttps="" if self.is_https else "https://" + self.host + self.req,
         )
@@ -5373,8 +5398,9 @@ class HttpCli(object):
 
         if dk_sz and fsroot:
             kdirs = []
+            fsroot_ = os.path.join(fsroot, "")
             for dn in dirs:
-                ap = os.path.join(fsroot, dn)
+                ap = fsroot_ + dn
                 zs = self.gen_fk(2, self.args.dk_salt, ap, 0, 0)[:dk_sz]
                 kdirs.append(dn + "?k=" + zs)
             dirs = kdirs
@@ -5905,6 +5931,14 @@ class HttpCli(object):
         except:
             raise Pebkac(400, "you dont have all the perms you tried to grant")
 
+        zs = vfs.flags["shr_who"]
+        if zs == "auth" and self.uname != "*":
+            pass
+        elif zs == "a" and self.uname in vfs.axs.uadmin:
+            pass
+        else:
+            raise Pebkac(400, "you dont have perms to create shares from this volume")
+
         ap, reals, _ = vfs.ls(
             rem, self.uname, not self.args.no_scandir, [[s_rd, s_wr, s_mv, s_del]]
         )
@@ -6166,16 +6200,13 @@ class HttpCli(object):
         add_og = "og" in vn.flags
         if add_og:
             if "th" in self.uparam or "raw" in self.uparam:
-                og_ua = add_og = False
-            elif self.args.og_ua:
-                og_ua = add_og = self.args.og_ua.search(self.ua)
-            else:
-                og_ua = False
-                add_og = True
+                add_og = False
+            elif vn.flags["og_ua"]:
+                add_og = vn.flags["og_ua"].search(self.ua)
             og_fn = ""
 
         if "v" in self.uparam:
-            add_og = og_ua = True
+            add_og = True
 
         if "b" in self.uparam:
             self.out_headers["X-Robots-Tag"] = "noindex, nofollow"
@@ -6296,7 +6327,7 @@ class HttpCli(object):
 
             is_md = abspath.lower().endswith(".md")
             if add_og and not is_md:
-                if og_ua or self.host not in self.headers.get("referer", ""):
+                if self.host not in self.headers.get("referer", ""):
                     self.vpath, og_fn = vsplit(self.vpath)
                     vpath = self.vpath
                     vn, rem = self.asrv.vfs.get(self.vpath, self.uname, False, False)
@@ -6336,7 +6367,14 @@ class HttpCli(object):
         except:
             self.log("#wow #whoa")
 
-        if not self.args.nid:
+        zi = vn.flags["du_iwho"]
+        if zi and (
+            zi == 9
+            or (zi == 7 and self.uname != "*")
+            or (zi == 5 and self.can_write)
+            or (zi == 4 and self.can_write and self.can_read)
+            or (zi == 3 and self.can_admin)
+        ):
             free, total, zs = get_df(abspath, False)
             if total:
                 h1 = humansize(free or 0)

copyparty/httpsrv.py

@@ -565,7 +565,7 @@ class HttpSrv(object):
 
             v = self.E.t0
             try:
-                with os.scandir(os.path.join(self.E.mod, "web")) as dh:
+                with os.scandir(self.E.mod_ + "web") as dh:
                     for fh in dh:
                         inf = fh.stat()
                         v = max(v, inf.st_mtime)

copyparty/smbd.py

@@ -370,7 +370,7 @@ class SMB(object):
             t = "blocked utime (no-write-acc %s): /%s @%s"
             yeet(t % (vfs.axs.uwrite, vpath, uname))
 
-        return bos.utime(ap, times)
+        bos.utime_c(info, ap, int(times[1]), False)
 
     def _p_exists(self, vpath )  :
         # ap = "?"

copyparty/svchub.py

@@ -21,7 +21,7 @@ from datetime import datetime
 
 
 from .__init__ import ANYWIN, EXE, MACOS, PY2, TYPE_CHECKING, E, EnvParams, unicode
-from .authsrv import BAD_CFG, AuthSrv
+from .authsrv import BAD_CFG, AuthSrv, n_du_who, n_ver_who
 from .bos import bos
 from .cert import ensure_cert
 from .mtag import HAVE_FFMPEG, HAVE_FFPROBE, HAVE_MUTAGEN
@@ -283,6 +283,14 @@ class SvcHub(object):
         ch = "abcdefghijklmnopqrstuvwx"[int(args.theme / 2)]
         args.theme = "{0}{1} {0} {1}".format(ch, bri)
 
+        if args.nid:
+            args.du_who = "no"
+        args.du_iwho = n_du_who(args.du_who)
+
+        if args.ver and args.ver_who == "no":
+            args.ver_who = "all"
+        args.ver_iwho = n_ver_who(args.ver_who)
+
         if args.nih:
             args.vname = ""
             args.doctitle = args.doctitle.replace(" @ --name", "")
@@ -966,6 +974,24 @@ class SvcHub(object):
                     t = "WARNING:\nDisabling WebDAV support because dxml selftest failed. Please report this bug;\n%s\n...and include the following information in the bug-report:\n%s | expat %s\n"
                     self.log("root", t % (URL_BUG, VERSIONS, expat_ver()), 1)
 
+        if not E.scfg and not al.unsafe_state and not os.getenv("PRTY_UNSAFE_STATE"):
+            t = "because runtime config is currently being stored in an untrusted emergency-fallback location. Please fix your environment so either XDG_CONFIG_HOME or ~/.config can be used instead, or disable this safeguard with --unsafe-state or env-var PRTY_UNSAFE_STATE=1."
+            if not al.no_ses:
+                al.no_ses = True
+                t2 = "A consequence of this misconfiguration is that passwords will now be sent in the HTTP-header of every request!"
+                self.log("root", "WARNING:\nWill disable sessions %s %s" % (t, t2), 1)
+            if al.idp_store == 1:
+                al.idp_store = 0
+                self.log("root", "WARNING:\nDisabling --idp-store %s" % (t,), 3)
+            if al.idp_store:
+                t2 = "ERROR: Cannot enable --idp-store %s" % (t,)
+                self.log("root", t2, 1)
+                raise Exception(t2)
+            if al.shr:
+                t2 = "ERROR: Cannot enable shares %s" % (t,)
+                self.log("root", t2, 1)
+                raise Exception(t2)
+
     def _process_config(self)  :
         al = self.args
 

copyparty/tcpsrv.py

@@ -302,6 +302,10 @@ class TcpSrv(object):
                     if os.path.exists(ip):
                         os.unlink(ip)
                     srv.bind(ip)
+                    if uds_gid != -1:
+                        os.chown(ip, -1, uds_gid)
+                    if uds_perm != -1:
+                        os.chmod(ip, uds_perm)
                 else:
                     tf = "%s.%d" % (ip, os.getpid())
                     if os.path.exists(tf):

copyparty/up2k.py

@@ -410,10 +410,11 @@ class Up2k(object):
 
         ret      = []
         userset = set([(uname or "\n"), "*"])
+        e_d = {}
         n = 1000
         try:
             for ptop, tab2 in self.registry.items():
-                cfg = self.flags.get(ptop, {}).get("u2abort", 1)
+                cfg = self.flags.get(ptop, e_d).get("u2abort", 1)
                 if not cfg:
                     continue
                 addr = (ip or "\n") if cfg in (1, 2) else ""
@@ -1131,7 +1132,7 @@ class Up2k(object):
         ft = "\033[0;32m{}{:.0}"
         ff = "\033[0;35m{}{:.0}"
         fv = "\033[0;36m{}:\033[90m{}"
-        zs = "ext_th_d html_head put_name2 mv_re_r mv_re_t rm_re_r rm_re_t srch_re_dots srch_re_nodot zipmax zipmaxn_v zipmaxs_v"
+        zs = "du_iwho ext_th_d html_head put_name2 mv_re_r mv_re_t rm_re_r rm_re_t srch_re_dots srch_re_nodot zipmax zipmaxn_v zipmaxs_v"
         fx = set(zs.split())
         fd = vf_bmap()
         fd.update(vf_cmap())
@@ -1485,6 +1486,7 @@ class Up2k(object):
         files    = []
         fat32 = True
         cv = vcv = acv = ""
+        e_d = {}
 
         th_cvd = self.args.th_coversd
         th_cvds = self.args.th_coversd_set
@@ -1684,7 +1686,7 @@ class Up2k(object):
 
                 t = "reindex %r => %r mtime(%s/%s) size(%s/%s)"
                 self.log(t % (top, rp, dts, lmod, dsz, sz))
-                self.db_rm(db.c, rd, fn, 0)
+                self.db_rm(db.c, e_d, rd, fn, 0)
                 tfa += 1
                 db.n += 1
                 in_db = []
@@ -1721,7 +1723,7 @@ class Up2k(object):
                 un = ""
 
             # skip upload hooks by not providing vflags
-            self.db_add(db.c, {}, rd, fn, lmod, sz, "", "", wark, wark, "", un, ip, at)
+            self.db_add(db.c, e_d, rd, fn, lmod, sz, "", "", wark, wark, "", un, ip, at)
             db.n += 1
             db.nf += 1
             tfa += 1
@@ -1780,7 +1782,7 @@ class Up2k(object):
         rm_files = [x for x in hits if x not in seen_files]
         n_rm = len(rm_files)
         for fn in rm_files:
-            self.db_rm(db.c, rd, fn, 0)
+            self.db_rm(db.c, e_d, rd, fn, 0)
 
         if n_rm:
             self.log("forgot {} deleted files".format(n_rm))
@@ -3126,7 +3128,7 @@ class Up2k(object):
                 for cur, dp_dir, dp_fn in lost:
                     t = "forgetting desynced db entry: %r"
                     self.log(t % ("/" + vjoin(vjoin(vfs.vpath, dp_dir), dp_fn)))
-                    self.db_rm(cur, dp_dir, dp_fn, cj["size"])
+                    self.db_rm(cur, vfs.flags, dp_dir, dp_fn, cj["size"])
                     if c2 and c2 != cur:
                         c2.connection.commit()
 
@@ -3419,10 +3421,9 @@ class Up2k(object):
                     cur.connection.commit()
 
                     ap = djoin(job["ptop"], job["prel"], job["name"])
-                    times = (int(time.time()), int(cj["lmod"]))
-                    bos.utime(ap, times, False)
+                    mt = bos.utime_c(self.log, ap, int(cj["lmod"]), False, True)
 
-                    self.log("touched %r from %d to %d" % (ap, job["lmod"], cj["lmod"]))
+                    self.log("touched %r from %d to %d" % (ap, job["lmod"], mt))
                 except Exception as ex:
                     self.log("umod failed, %r" % (ex,), 3)
 
@@ -3456,7 +3457,7 @@ class Up2k(object):
                 vrel = vjoin(job["prel"], fname)
                 xlink = bool(vf.get("xlink"))
                 cur, wark, _, _, _, _, _ = self._find_from_vpath(ptop, vrel)
-                self._forget_file(ptop, vrel, cur, wark, True, st.st_size, xlink)
+                self._forget_file(ptop, vrel, vf, cur, wark, True, st.st_size, xlink)
             except Exception as ex:
                 self.log("skipping replace-relink: %r" % (ex,))
             finally:
@@ -3577,8 +3578,7 @@ class Up2k(object):
             shutil.copy2(fsenc(csrc), fsenc(dst))
 
         if lmod and (not linked or SYMTIME):
-            times = (int(time.time()), int(lmod))
-            bos.utime(dst, times, False)
+            bos.utime_c(self.log, dst, int(lmod), False)
 
     def handle_chunks(
         self, ptop , wark , chashes 
@@ -3750,10 +3750,8 @@ class Up2k(object):
         times = (int(time.time()), int(job["lmod"]))
         t = "no more chunks, setting times %s (%d) on %r"
         self.log(t % (times, bos.path.getsize(dst), dst))
-        try:
-            bos.utime(dst, times)
-        except:
-            self.log("failed to utime (%r, %s)" % (dst, times))
+        bos.utime_c(self.log, dst, times[1], False)
+        # the above logmsg (and associated logic) is retained due to unforget.py
 
         zs = "prel name lmod size ptop vtop wark dwrk host user addr"
         z2 = [job[x] for x in zs.split()]
@@ -3871,16 +3869,31 @@ class Up2k(object):
 
         return True
 
-    def db_rm(self, db , rd , fn , sz )  :
+    def db_rm(
+        self, db , vflags  , rd , fn , sz 
+    )  :
         sql = "delete from up where rd = ? and fn = ?"
         try:
             r = db.execute(sql, (rd, fn))
         except:
             r = db.execute(sql, s3enc(self.mem_cur, rd, fn))
 
-        if r.rowcount:
-            self.volsize[db] -= sz
-            self.volnfiles[db] -= 1
+        if not r.rowcount:
+            return
+
+        self.volsize[db] -= sz
+        self.volnfiles[db] -= 1
+
+        if "nodirsz" not in vflags:
+            try:
+                q = "update ds set nf=nf-1, sz=sz-? where rd=?"
+                while True:
+                    db.execute(q, (sz, rd))
+                    if not rd:
+                        break
+                    rd = rd.rsplit("/", 1)[0] if "/" in rd else ""
+            except:
+                pass
 
     def db_add(
         self,
@@ -3901,7 +3914,7 @@ class Up2k(object):
         skip_xau  = False,
     )  :
         """mutex(main) me"""
-        self.db_rm(db, rd, fn, sz)
+        self.db_rm(db, vflags, rd, fn, sz)
 
         if not ip:
             db_ip = ""
@@ -4182,7 +4195,7 @@ class Up2k(object):
                         xlink = bool(dbv.flags.get("xlink"))
                         cur, wark, _, _, _, _, _ = self._find_from_vpath(ptop, volpath)
                         self._forget_file(
-                            ptop, volpath, cur, wark, True, st.st_size, xlink
+                            ptop, volpath, dbv.flags, cur, wark, True, st.st_size, xlink
                         )
                     finally:
                         if cur:
@@ -4638,7 +4651,14 @@ class Up2k(object):
 
             with self.reg_mutex:
                 has_dupes = self._forget_file(
-                    svn.realpath, srem, c1, w, is_xvol, fsize_ or fsize, xlink
+                    svn.realpath,
+                    srem,
+                    svn.flags,
+                    c1,
+                    w,
+                    is_xvol,
+                    fsize_ or fsize,
+                    xlink,
                 )
 
             if not is_xvol:
@@ -4782,6 +4802,7 @@ class Up2k(object):
         self,
         ptop ,
         vrem ,
+        vflags  ,
         cur ,
         wark ,
         drop_tags ,
@@ -4806,7 +4827,7 @@ class Up2k(object):
                 q = "delete from mt where w=?"
                 cur.execute(q, (wark[:16],))
 
-            self.db_rm(cur, srd, sfn, sz)
+            self.db_rm(cur, vflags, srd, sfn, sz)
 
         reg = self.registry.get(ptop)
         if reg:
@@ -4895,7 +4916,10 @@ class Up2k(object):
             mt = bos.path.getmtime(slabs, False)
             flags = self.flags.get(ptop) or {}
             atomic_move(self.log, sabs, slabs, flags)
-            bos.utime(slabs, (int(time.time()), int(mt)), False)
+            try:
+                bos.utime(slabs, (int(time.time()), int(mt)), False)
+            except:
+                self.log("relink: failed to utime(%r, %s)" % (slabs, mt), 3)
             self._symlink(slabs, sabs, flags, False, is_mv=True)
             full[slabs] = (ptop, rem)
             sabs = slabs

copyparty/util.py

@@ -3102,8 +3102,9 @@ def statdir(
         else:
             src = "listdir"
             fun  = os.lstat if lstat else os.stat
+            btop_ = os.path.join(btop, b"")
             for name in os.listdir(btop):
-                abspath = os.path.join(btop, name)
+                abspath = btop_ + name
                 try:
                     yield (fsdec(name), fun(abspath))
                 except Exception as ex:
@@ -3142,7 +3143,9 @@ def rmdirs(
 
     stats = statdir(logger, scandir, lstat, top, False)
     dirs = [x[0] for x in stats if stat.S_ISDIR(x[1].st_mode)]
-    dirs = [os.path.join(top, x) for x in dirs]
+    if dirs:
+        top_ = os.path.join(top, "")
+        dirs = [top_ + x for x in dirs]
     ok = []
     ng = []
     for d in reversed(dirs):
@@ -4113,7 +4116,7 @@ def _pkg_resource_exists(pkg , name )  :
 
 
 def stat_resource(E , name ):
-    path = os.path.join(E.mod, name)
+    path = E.mod_ + name
     if os.path.exists(path):
         return os.stat(fsenc(path))
     return None
@@ -4158,7 +4161,7 @@ def _has_resource(name ):
 
 
 def has_resource(E , name ):
-    return _has_resource(name) or os.path.exists(os.path.join(E.mod, name))
+    return _has_resource(name) or os.path.exists(E.mod_ + name)
 
 
 def load_resource(E , name , mode="rb")  :
@@ -4181,7 +4184,7 @@ def load_resource(E , name , mode="rb")  :
                 stream = codecs.getreader(enc)(stream)
             return stream
 
-    ap = os.path.join(E.mod, name)
+    ap = E.mod_ + name
 
     if PY2:
         return codecs.open(ap, "r", encoding=enc)  # type: ignore

copyparty/web/a/partyfuse.py

@@ -6,8 +6,8 @@ __copyright__ = 2019
 __license__ = "MIT"
 __url__ = "https://github.com/9001/copyparty/"
 
-S_VERSION = "2.0"
-S_BUILD_DT = "2024-10-01"
+S_VERSION = "2.1"
+S_BUILD_DT = "2025-09-06"
 
 """
 mount a copyparty server (local or remote) as a filesystem
@@ -95,7 +95,7 @@ except:
     elif MACOS:
         libfuse = "install https://osxfuse.github.io/"
     else:
-        libfuse = "apt install libfuse3-3\n    modprobe fuse"
+        libfuse = "apt install libfuse2\n    modprobe fuse"
 
     m = """\033[33m
   could not import fuse; these may help:
@@ -324,7 +324,7 @@ class Gateway(object):
     def sendreq(self, meth, path, headers, **kwargs):
         tid = get_tid()
         if self.password:
-            headers["Cookie"] = "=".join(["cppwd", self.password])
+            headers["PW"] = self.password
 
         try:
             c = self.getconn(tid)
@@ -682,9 +682,7 @@ class CPPF(Operations):
         return ret
 
     def _readdir(self, path, fh=None):
-        path = path.strip("/")
-        dbg("readdir %r [%s]", path, fh)
-
+        dbg("dircache miss")
         ret = self.gw.listdir(path)
         if not self.n_dircache:
             return ret
@@ -694,11 +692,17 @@ class CPPF(Operations):
             self.dircache.append(cn)
             self.clean_dircache()
 
-        # import pprint; pprint.pprint(ret)
         return ret
 
     def readdir(self, path, fh=None):
-        return [".", ".."] + list(self._readdir(path, fh))
+        dbg("readdir %r [%s]", path, fh)
+        path = path.strip("/")
+        cn = self.get_cached_dir(path)
+        if cn:
+            ret = cn.data
+        else:
+            ret = self._readdir(path, fh)
+        return [".", ".."] + list(ret)
 
     def read(self, path, length, offset, fh=None):
         req_max = 1024 * 1024 * 8
@@ -749,7 +753,6 @@ class CPPF(Operations):
         if cn:
             dents = cn.data
         else:
-            dbg("cache miss")
             dents = self._readdir(dirpath)
 
         try:
@@ -857,10 +860,15 @@ def main():
     if WINDOWS:
         examples.append("http://192.168.1.69:3923/music/  M:")
 
+    epi = "example:" + ex_pre + ex_pre.join(examples)
+    epi += """\n
+NOTE: if server has --usernames enabled, then password is "username:password"
+"""
+
     ap = argparse.ArgumentParser(
         formatter_class=TheArgparseFormatter,
         description="mount a copyparty server as a local filesystem -- " + ver,
-        epilog="example:" + ex_pre + ex_pre.join(examples),
+        epilog=epi,
     )
     # fmt: off
     ap.add_argument("base_url", type=str, help="remote copyparty URL to mount")

copyparty/web/a/u2c.py

@@ -1,8 +1,8 @@
 #!/usr/bin/env python3
 from __future__ import print_function, unicode_literals
 
-S_VERSION = "2.12"
-S_BUILD_DT = "2025-08-26"
+S_VERSION = "2.13"
+S_BUILD_DT = "2025-09-05"
 
 """
 u2c.py: upload to copyparty
@@ -588,9 +588,10 @@ def undns(url):
 
 def _scd(err, top):
     """non-recursive listing of directory contents, along with stat() info"""
+    top_ = os.path.join(top, b"")
     with os.scandir(top) as dh:
         for fh in dh:
-            abspath = os.path.join(top, fh.name)
+            abspath = top_ + fh.name
             try:
                 yield [abspath, fh.stat()]
             except Exception as ex:
@@ -599,8 +600,9 @@ def _scd(err, top):
 
 def _lsd(err, top):
     """non-recursive listing of directory contents, along with stat() info"""
+    top_ = os.path.join(top, b"")
     for name in os.listdir(top):
-        abspath = os.path.join(top, name)
+        abspath = top_ + name
         try:
             yield [abspath, os.stat(abspath)]
         except Exception as ex:

copyparty/web/browser.html

@@ -9,7 +9,7 @@
 	<meta name="theme-color" content="#{{ tcolor }}">
 	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/ui.css?_={{ ts }}">
 	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/browser.css?_={{ ts }}">
-{{ html_head }}
+{{- html_head }}
 	{%- if css %}
 	<link rel="stylesheet" media="screen" href="{{ css }}_={{ ts }}">
 	{%- endif %}