harivansh-afk/betterNAS
1
1
Fork 0
mirror of https://github.com/harivansh-afk/betterNAS.git synced 2026-04-15 07:04:44 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Allow OPTIONS to bypass WebDAV auth for Finder discovery

Browse source 
macOS Finder sends an unauthenticated OPTIONS request before attempting
auth. It needs to see the DAV: 1, 2 compliance header in the response
to know the server supports WebDAV. Without it, Finder shows "problem
connecting to the server" and never prompts for credentials.

OPTIONS is a safe discovery method that exposes no data, so it can be
served without auth.
This commit is contained in:
Harivansh Rathi 2026-04-01 16:57:55 -04:00
parent 18b6ac625f
commit a6c74c2a39
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
apps/node-agent/cmd/node-agent/app.go
View file

@ -169,6 +169,14 @@ func (a *app) handler() http.Handler {
func (a *app) requireDAVAuth(mount exportMount, next http.Handler) http.Handler { func (a *app) requireDAVAuth(mount exportMount, next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// OPTIONS must bypass auth so the WebDAV handler can return its
// DAV: 1, 2 compliance header. macOS Finder sends an unauthenticated
// OPTIONS first and refuses to connect unless it sees that header.
if r.Method == http.MethodOptions {
next.ServeHTTP(w, r)
return
}
username, password, ok := r.BasicAuth() username, password, ok := r.BasicAuth()
if !ok { if !ok {
writeDAVUnauthorized(w) writeDAVUnauthorized(w)