v1.14.0

add file/folder sharing; closes #84
invert volume scrollwheel
2024-08-18 23:11:36 +00:00 · 2024-08-18 22:49:13 +00:00 · 2024-08-17 20:36:59 +00:00 · 2024-08-17 18:17:40 +00:00 · 2024-08-17 15:55:55 +00:00 · 2024-08-16 21:08:22 +00:00
32 changed files with 1373 additions and 181 deletions
--- a/README.md
+++ b/README.md
@@ -42,6 +42,7 @@ turn almost any device into a file server with resumable uploads/downloads using
        * [self-destruct](#self-destruct) - uploads can be given a lifetime
        * [race the beam](#race-the-beam) - download files while they're still uploading ([demo video](http://a.ocv.me/pub/g/nerd-stuff/cpp/2024-0418-race-the-beam.webm))
    * [file manager](#file-manager) - cut/paste, rename, and delete files/folders (if you have permission)
+    * [shares](#shares) - share a file or folder by creating a temporary link
    * [batch rename](#batch-rename) - select some files and press `F2` to bring up the rename UI
    * [media player](#media-player) - plays almost every audio format there is
        * [audio equalizer](#audio-equalizer) - and [dynamic range compressor](https://en.wikipedia.org/wiki/Dynamic_range_compression)
@@ -76,6 +77,7 @@ turn almost any device into a file server with resumable uploads/downloads using
        * [upload events](#upload-events) - the older, more powerful approach ([examples](./bin/mtag/))
    * [handlers](#handlers) - redefine behavior with plugins ([examples](./bin/handlers/))
    * [identity providers](#identity-providers) - replace copyparty passwords with oauth and such
+    * [user-changeable passwords](#user-changeable-passwords) - if permitted, users can change their own passwords
    * [using the cloud as storage](#using-the-cloud-as-storage) - connecting to an aws s3 bucket and similar
    * [hiding from google](#hiding-from-google) - tell search engines you dont wanna be indexed
    * [themes](#themes)
@@ -744,6 +746,33 @@ file selection: click somewhere on the line (not the link itsef), then:
 you can move files across browser tabs (cut in one tab, paste in another)


+## shares
+
+share a file or folder by creating a temporary link
+
+when enabled in the server settings (`--shr`), click the bottom-right `share` button to share the folder you're currently in, or select a file first to share only that file
+
+this feature was made with [identity providers](#identity-providers) in mind -- configure your reverseproxy to skip the IdP's access-control for a given URL prefix and use that to safely share specific files/folders sans the usual auth checks
+
+when creating a share, the creator can choose any of the following options:
+
+* password-protection
+* expire after a certain time
+* allow visitors to upload (if the user who creates the share has write-access)
+
+semi-intentional limitations:
+
+* cleanup of expired shares only works when global option `e2d` is set, and/or at least one volume on the server has volflag `e2d`
+* only folders from the same volume are shared; if you are sharing a folder which contains other volumes, then the contents of those volumes will not be available
+* no option to "delete after first access" because tricky
+  * when linking something to discord (for example) it'll get accessed by their scraper and that would count as a hit
+  * browsers wouldn't be able to resume a broken download unless the requester's IP gets allowlisted for X minutes (ref. tricky)
+
+the links are created inside a specific toplevel folder which must be specified with server-config `--shr`, for example `--shr /share/` (this also enables the feature)
+
+users can delete their own shares in the controlpanel, and a list of privileged users (`--shr-adm`) are allowed to see and/or delet any share on the server
+
+
 ## batch rename

 select some files and press `F2` to bring up the rename UI
@@ -1355,6 +1384,29 @@ there is a [docker-compose example](./docs/examples/docker/idp-authelia-traefik)

 a more complete example of the copyparty configuration options [look like this](./docs/examples/docker/idp/copyparty.conf)

+but if you just want to let users change their own passwords, then you probably want [user-changeable passwords](#user-changeable-passwords) instead
+
+
+## user-changeable passwords
+
+if permitted, users can change their own passwords  in the control-panel
+
+* not compatible with [identity providers](#identity-providers)
+
+* must be enabled with `--chpw` because account-sharing is a popular usecase
+
+  * if you want to enable the feature but deny password-changing for a specific list of accounts, you can do that with `--chpw-no name1,name2,name3,...`
+
+* to perform a password reset, edit the server config and give the user another password there, then do a [config reload](#server-config) or server restart
+
+* the custom passwords are kept in a textfile at filesystem-path `--chpw-db`, by default `chpw.json` in the copyparty config folder
+
+  * if you run multiple copyparty instances with different users you *almost definitely* want to specify separate DBs for each instance
+
+  * if [password hashing](#password-hashing) is enbled, the passwords in the db are also hashed
+
+    * ...which means that all user-defined passwords will be forgotten if you change password-hashing settings
+

 ## using the cloud as storage

@@ -1459,7 +1511,7 @@ some reverse proxies (such as [Caddy](https://caddyserver.com/)) can automatical
 * **warning:** nginx-QUIC (HTTP/3) is still experimental and can make uploads much slower, so HTTP/1.1 is recommended for now
 * depending on server/client, HTTP/1.1 can also be 5x faster than HTTP/2

-for improved security (and a tiny performance boost) consider listening on a unix-socket with `-i /tmp/party.sock` instead of `-i 127.0.0.1`
+for improved security (and a 10% performance boost) consider listening on a unix-socket with `-i unix:770:www:/tmp/party.sock` (permission `770` means only members of group `www` can access it)

 example webserver configs:

@@ -1900,7 +1952,7 @@ some notes on hardening
  * cors doesn't work right otherwise
 * if you allow anonymous uploads or otherwise don't trust the contents of a volume, you can prevent XSS with volflag `nohtml`
  * this returns html documents as plaintext, and also disables markdown rendering
-* when running behind a reverse-proxy, listen on a unix-socket with `-i /tmp/party.sock` instead of `-i 127.0.0.1` for tighter access control (plus you get a tiny performance boost for free)
+* when running behind a reverse-proxy, listen on a unix-socket for tighter access control (and more performance); see [reverse-proxy](#reverse-proxy) or `--help-bind`

 safety profiles:

--- a/bin/hooks/reloc-by-ext.py
+++ b/bin/hooks/reloc-by-ext.py
@@ -2,11 +2,12 @@

 import json
 import os
+import re
 import sys


 _ = r"""
-relocate/redirect incoming uploads according to file extension
+relocate/redirect incoming uploads according to file extension or name

 example usage as global config:
    --xbu j,c1,bin/hooks/reloc-by-ext.py
@@ -52,11 +53,19 @@ def main():
    try:
        fn, ext = fn.rsplit(".", 1)
    except:
-        # no file extension; abort
-        return
+        # no file extension; pretend it's "bin"
+        ext = "bin"

    ext = ext.lower()

+    # this function must end by printing the action to perform;
+    # that's handled by the print(json.dumps(... at the bottom
+    #
+    # the action can contain the following keys:
+    # "vp" is the folder URL to move the upload to,
+    # "ap" is the filesystem-path to move it to (but "vp" is safer),
+    # "fn" overrides the final filename to use
+
    ##
    ## some example actions to take; pick one by
    ## selecting it inside the print at the end:
@@ -80,11 +89,37 @@ def main():
    elif ext in MUSIC.split():
        by_category = {"vp": "/just/tunes"}
    else:
-        by_category = {}
+        by_category = {}  # no action

-    # now choose the effect to apply; can be any of these:
+    # now choose the default effect to apply; can be any of these:
    # into_subfolder  into_toplevel  into_sibling  by_category
-    effect = into_subfolder
+    effect = {"vp": "/junk"}
+
+    ##
+    ## but we can keep going, adding more speicifc rules
+    ## which can take precedence, replacing the fallback
+    ## effect we just specified:
+    ##
+
+    fn = fn.lower()  # lowercase filename to make this easier
+
+    if "screenshot" in fn:
+        effect = {"vp": "/ss"}
+    if "mpv_" in fn:
+        effect = {"vp": "/anishots"}
+    elif "debian" in fn or "biebian" in fn:
+        effect = {"vp": "/linux-ISOs"}
+    elif re.search(r"ep(isode |\.)?[0-9]", fn):
+        effect = {"vp": "/podcasts"}
+
+    # regex lets you grab a part of the matching
+    # text and use that in the upload path:
+    m = re.search(r"\b(op|ed)([^a-z]|$)", fn)
+    if m:
+        # the regex matched; use "anime-op" or "anime-ed"
+        effect = {"vp": "/anime-" + m[1]}
+
+    # aaand DO IT
    print(json.dumps({"reloc": effect}))


--- a/contrib/package/arch/PKGBUILD
+++ b/contrib/package/arch/PKGBUILD
@@ -1,6 +1,6 @@
 # Maintainer: icxes <dev.null@need.moe>
 pkgname=copyparty
-pkgver="1.13.6"
+pkgver="1.13.8"
 pkgrel=1
 pkgdesc="File server with accelerated resumable uploads, dedup, WebDAV, FTP, TFTP, zeroconf, media indexer, thumbnails++"
 arch=("any")
@@ -21,7 +21,7 @@ optdepends=("ffmpeg: thumbnails for videos, images (slower) and audio, music tag
 )
 source=("https://github.com/9001/${pkgname}/releases/download/v${pkgver}/${pkgname}-${pkgver}.tar.gz")
 backup=("etc/${pkgname}.d/init" )
-sha256sums=("abb9d0df24c4082594adc2070b7e9fb84a57733d0a3fbf83f4ec2a02813dd717")
+sha256sums=("ddb7a7247cff7aa72254036c9f9ad66bbd45afdde5241ee60ca51d0d355b5392")

 build() {
    cd "${srcdir}/${pkgname}-${pkgver}"
--- a/contrib/package/nix/copyparty/pin.json
+++ b/contrib/package/nix/copyparty/pin.json
@@ -1,5 +1,5 @@
 {
-    "url": "https://github.com/9001/copyparty/releases/download/v1.13.6/copyparty-sfx.py",
-    "version": "1.13.6",
-    "hash": "sha256-eQSHZYXIbS4piCU/zOyEz3E6V/lS6348vENMLwONYUM="
+    "url": "https://github.com/9001/copyparty/releases/download/v1.13.8/copyparty-sfx.py",
+    "version": "1.13.8",
+    "hash": "sha256-J2m9dK0lGG3twNvPPkGWUpzD7OLTEskBUmtwPoZ2qEE="
 }
--- a/contrib/themes/bsod.css
+++ b/contrib/themes/bsod.css
@@ -40,8 +40,6 @@ html.ey {

 	--u2-b1-bg: var(--w2);
 	--u2-b2-bg: var(--w2);
-	--u2-o-bg: var(--w2);
-	--u2-o-1-bg: var(--a);
    --u2-txt-bg: var(--w2);
 	--u2-tab-bg: a;
 	--u2-tab-1-bg: var(--w2);
--- a/copyparty/main.py
+++ b/copyparty/main.py
@@ -527,6 +527,41 @@ def showlic() -> None:

 def get_sects():
    return [
+        [
+            "bind",
+            "configure listening",
+            dedent(
+                """
+            \033[33m-i\033[0m takes a comma-separated list of interfaces to listen on;
+            IP-addresses and/or unix-sockets (Unix Domain Sockets)
+
+            the default (\033[32m-i ::\033[0m) means all IPv4 and IPv6 addresses
+
+            \033[32m-i 0.0.0.0\033[0m    listens on all IPv4 NICs/subnets
+            \033[32m-i 127.0.0.1\033[0m  listens on IPv4 localhost only
+            \033[32m-i 127.1\033[0m      listens on IPv4 localhost only
+            \033[32m-i 127.1,192.168.123.1\033[0m = IPv4 localhost and 192.168.123.1
+
+            \033[33m-p\033[0m takes a comma-separated list of tcp ports to listen on;
+            the default is \033[32m-p 3923\033[0m but as root you can \033[32m-p 80,443,3923\033[0m
+
+            when running behind a reverse-proxy, it's recommended to
+            use unix-sockets for improved performance and security;
+
+            \033[32m-i unix:770:www:\033[33m/tmp/a.sock\033[0m listens on \033[33m/tmp/a.sock\033[0m with
+            permissions \033[33m0770\033[0m; only accessible to members of the \033[33mwww\033[0m
+            group. This is the best approach. Alternatively,
+
+            \033[32m-i unix:777:\033[33m/tmp/a.sock\033[0m sets perms \033[33m0777\033[0m so anyone can
+            access it; bad unless it's inside a restricted folder
+
+            \033[32m-i unix:\033[33m/tmp/a.sock\033[0m keeps umask-defined permissions
+            (usually \033[33m0600\033[0m) and the same user/group as copyparty
+
+            \033[33m-p\033[0m (tcp ports) is ignored for unix sockets
+            """
+            ),
+        ],
        [
            "accounts",
            "accounts and volumes",
@@ -937,6 +972,15 @@ def add_fs(ap):
    ap2.add_argument("--mtab-age", metavar="SEC", type=int, default=60, help="rebuild mountpoint cache every \033[33mSEC\033[0m to keep track of sparse-files support; keep low on servers with removable media")


+def add_share(ap):
+    db_path = os.path.join(E.cfg, "shares.db")
+    ap2 = ap.add_argument_group('share-url options')
+    ap2.add_argument("--shr", metavar="URL", default="", help="base url for shared files, for example [\033[32m/share\033[0m] (must be a toplevel subfolder)")
+    ap2.add_argument("--shr-db", metavar="PATH", default=db_path, help="database to store shares in")
+    ap2.add_argument("--shr-adm", metavar="U,U", default="", help="comma-separated list of users allowed to view/delete any share")
+    ap2.add_argument("--shr-v", action="store_true", help="debug")
+
+
 def add_upload(ap):
    ap2 = ap.add_argument_group('upload options')
    ap2.add_argument("--dotpart", action="store_true", help="dotfile incomplete uploads, hiding them from clients unless \033[33m-ed\033[0m")
@@ -969,8 +1013,8 @@ def add_upload(ap):

 def add_network(ap):
    ap2 = ap.add_argument_group('network options')
-    ap2.add_argument("-i", metavar="IP", type=u, default="::", help="ip to bind (comma-sep.) and/or [\033[32munix:/tmp/a.sock\033[0m], default: all IPv4 and IPv6")
-    ap2.add_argument("-p", metavar="PORT", type=u, default="3923", help="ports to bind (comma/range); ignored for unix-sockets")
+    ap2.add_argument("-i", metavar="IP", type=u, default="::", help="IPs and/or unix-sockets to listen on (see \033[33m--help-bind\033[0m). Default: all IPv4 and IPv6")
+    ap2.add_argument("-p", metavar="PORT", type=u, default="3923", help="ports to listen on (comma/range); ignored for unix-sockets")
    ap2.add_argument("--ll", action="store_true", help="include link-local IPv4/IPv6 in mDNS replies, even if the NIC has routable IPs (breaks some mDNS clients)")
    ap2.add_argument("--rproxy", metavar="DEPTH", type=int, default=1, help="which ip to associate clients with; [\033[32m0\033[0m]=tcp, [\033[32m1\033[0m]=origin (first x-fwd, unsafe), [\033[32m2\033[0m]=outermost-proxy, [\033[32m3\033[0m]=second-proxy, [\033[32m-1\033[0m]=closest-proxy")
    ap2.add_argument("--xff-hdr", metavar="NAME", type=u, default="x-forwarded-for", help="if reverse-proxied, which http header to read the client's real ip from")
@@ -1030,6 +1074,16 @@ def add_auth(ap):
    ap2.add_argument("--bauth-last", action="store_true", help="keeps basic-authentication enabled, but only as a last-resort; if a cookie is also provided then the cookie wins")


+def add_chpw(ap):
+    db_path = os.path.join(E.cfg, "chpw.json")
+    ap2 = ap.add_argument_group('user-changeable passwords options')
+    ap2.add_argument("--chpw", action="store_true", help="allow users to change their own passwords")
+    ap2.add_argument("--chpw-no", metavar="U,U,U", type=u, action="append", help="do not allow password-changes for this comma-separated list of usernames")
+    ap2.add_argument("--chpw-db", metavar="PATH", type=u, default=db_path, help="where to store the passwords database (if you run multiple copyparty instances, make sure they use different DBs)")
+    ap2.add_argument("--chpw-len", metavar="N", type=int, default=8, help="minimum password length")
+    ap2.add_argument("--chpw-v", metavar="LVL", type=int, default=2, help="verbosity of summary on config load [\033[32m0\033[0m] = nothing at all, [\033[32m1\033[0m] = number of users, [\033[32m2\033[0m] = list users with default-pw, [\033[32m3\033[0m] = list all users")
+
+
 def add_zeroconf(ap):
    ap2 = ap.add_argument_group("Zeroconf options")
    ap2.add_argument("-z", action="store_true", help="enable all zeroconf backends (mdns, ssdp)")
@@ -1438,11 +1492,13 @@ def run_argparse(
    add_tls(ap, cert_path)
    add_cert(ap, cert_path)
    add_auth(ap)
+    add_chpw(ap)
    add_qr(ap, tty)
    add_zeroconf(ap)
    add_zc_mdns(ap)
    add_zc_ssdp(ap)
    add_fs(ap)
+    add_share(ap)
    add_upload(ap)
    add_db_general(ap, hcores)
    add_db_metadata(ap)
--- a/copyparty/version.py
+++ b/copyparty/version.py
@@ -1,8 +1,8 @@
 # coding: utf-8

-VERSION = (1, 13, 8)
-CODENAME = "race the beam"
-BUILD_DT = (2024, 8, 13)
+VERSION = (1, 14, 0)
+CODENAME = "one step forward"
+BUILD_DT = (2024, 8, 18)

 S_VERSION = ".".join(map(str, VERSION))
 S_BUILD_DT = "{0:04d}-{1:02d}-{2:02d}".format(*BUILD_DT)
--- a/copyparty/authsrv.py
+++ b/copyparty/authsrv.py
@@ -4,6 +4,7 @@ from __future__ import print_function, unicode_literals
 import argparse
 import base64
 import hashlib
+import json
 import os
 import re
 import stat
@@ -37,6 +38,7 @@ from .util import (
    uncyg,
    undot,
    unhumanize,
+    vjoin,
    vsplit,
 )

@@ -341,6 +343,7 @@ class VFS(object):
        self.histtab: dict[str, str] = {}  # all realpath->histpath
        self.dbv: Optional[VFS] = None  # closest full/non-jump parent
        self.lim: Optional[Lim] = None  # upload limits; only set for dbv
+        self.shr_src: Optional[tuple[VFS, str]] = None  # source vfs+rem of a share
        self.aread: dict[str, list[str]] = {}
        self.awrite: dict[str, list[str]] = {}
        self.amove: dict[str, list[str]] = {}
@@ -365,6 +368,8 @@ class VFS(object):
            self.all_aps = []
            self.all_vps = []

+        self.get_dbv = self._get_dbv
+
    def __repr__(self) -> str:
        return "VFS(%s)" % (
            ", ".join(
@@ -526,7 +531,15 @@ class VFS(object):

        return vn, rem

-    def get_dbv(self, vrem: str) -> tuple["VFS", str]:
+    def _get_share_src(self, vrem: str) -> tuple["VFS", str]:
+        src = self.shr_src
+        if not src:
+            return self._get_dbv(vrem)
+
+        shv, srem = src
+        return shv, vjoin(srem, vrem)
+
+    def _get_dbv(self, vrem: str) -> tuple["VFS", str]:
        dbv = self.dbv
        if not dbv:
            return self, vrem
@@ -807,6 +820,7 @@ class AuthSrv(object):
        self.vfs = VFS(log_func, "", "", AXS(), {})
        self.acct: dict[str, str] = {}
        self.iacct: dict[str, str] = {}
+        self.defpw: dict[str, str] = {}
        self.grps: dict[str, list[str]] = {}
        self.re_pwd: Optional[re.Pattern] = None

@@ -1352,7 +1366,7 @@ class AuthSrv(object):
        flags[name] = vals
        self._e("volflag [{}] += {}  ({})".format(name, vals, desc))

-    def reload(self) -> None:
+    def reload(self, verbosity: int = 9) -> None:
        """
        construct a flat list of mountpoints and usernames
        first from the commandline arguments
@@ -1360,9 +1374,9 @@ class AuthSrv(object):
        before finally building the VFS
        """
        with self.mutex:
-            self._reload()
+            self._reload(verbosity)

-    def _reload(self) -> None:
+    def _reload(self, verbosity: int = 9) -> None:
        acct: dict[str, str] = {}  # username:password
        grps: dict[str, list[str]] = {}  # groupname:usernames
        daxs: dict[str, AXS] = {}
@@ -1440,6 +1454,8 @@ class AuthSrv(object):
                    raise

        self.setup_pwhash(acct)
+        defpw = acct.copy()
+        self.setup_chpw(acct)

        # case-insensitive; normalize
        if WINDOWS:
@@ -1455,9 +1471,8 @@ class AuthSrv(object):
            vfs = VFS(self.log_func, absreal("."), "", axs, {})
        elif "" not in mount:
            # there's volumes but no root; make root inaccessible
-            vfs = VFS(self.log_func, "", "", AXS(), {})
-            vfs.flags["tcolor"] = self.args.tcolor
-            vfs.flags["d2d"] = True
+            zsd = {"d2d": True, "tcolor": self.args.tcolor}
+            vfs = VFS(self.log_func, "", "", AXS(), zsd)

        maxdepth = 0
        for dst in sorted(mount.keys(), key=lambda x: (x.count("/"), len(x))):
@@ -1486,6 +1501,52 @@ class AuthSrv(object):
            vol.all_vps.sort(key=lambda x: len(x[0]), reverse=True)
            vol.root = vfs

+        enshare = self.args.shr
+        shr = enshare[1:-1]
+        shrs = enshare[1:]
+        if enshare:
+            import sqlite3
+
+            shv = VFS(self.log_func, "", shr, AXS(), {"d2d": True})
+            par = vfs.all_vols[""]
+
+            db_path = self.args.shr_db
+            db = sqlite3.connect(db_path)
+            cur = db.cursor()
+            now = time.time()
+            for row in cur.execute("select * from sh"):
+                s_k, s_pw, s_vp, s_pr, s_st, s_un, s_t0, s_t1 = row
+                if s_t1 and s_t1 < now:
+                    continue
+
+                if self.args.shr_v:
+                    t = "loading %s share [%s] by [%s] => [%s]"
+                    self.log(t % (s_pr, s_k, s_un, s_vp))
+
+                if s_pw:
+                    sun = "s_%s" % (s_k,)
+                    acct[sun] = s_pw
+                else:
+                    sun = "*"
+
+                s_axs = AXS(
+                    [sun] if "r" in s_pr else [],
+                    [sun] if "w" in s_pr else [],
+                    [sun] if "m" in s_pr else [],
+                    [sun] if "d" in s_pr else [],
+                )
+
+                # don't know the abspath yet + wanna ensure the user
+                # still has the privs they granted, so nullmap it
+                shv.nodes[s_k] = VFS(
+                    self.log_func, "", "%s/%s" % (shr, s_k), s_axs, par.flags.copy()
+                )
+
+            vfs.nodes[shr] = vfs.all_vols[shr] = shv
+            for vol in shv.nodes.values():
+                vfs.all_vols[vol.vpath] = vol
+                vol.get_dbv = vol._get_share_src
+
        zss = set(acct)
        zss.update(self.idp_accs)
        zss.discard("*")
@@ -1504,7 +1565,7 @@ class AuthSrv(object):
            for usr in unames:
                for vp, vol in vfs.all_vols.items():
                    zx = getattr(vol.axs, axs_key)
-                    if usr in zx:
+                    if usr in zx and (not enshare or not vp.startswith(shrs)):
                        umap[usr].append(vp)
                umap[usr].sort()
            setattr(vfs, "a" + perm, umap)
@@ -1554,6 +1615,8 @@ class AuthSrv(object):

        for usr in acct:
            if usr not in associated_users:
+                if enshare and usr.startswith("s_"):
+                    continue
                if len(vfs.all_vols) > 1:
                    # user probably familiar enough that the verbose message is not necessary
                    t = "account [%s] is not mentioned in any volume definitions; see --help-accounts"
@@ -1989,7 +2052,7 @@ class AuthSrv(object):
        have_e2t = False
        t = "volumes and permissions:\n"
        for zv in vfs.all_vols.values():
-            if not self.warn_anonwrite:
+            if not self.warn_anonwrite or verbosity < 5:
                break

            t += '\n\033[36m"/{}"  \033[33m{}\033[0m'.format(zv.vpath, zv.realpath)
@@ -2018,7 +2081,7 @@ class AuthSrv(object):

            t += "\n"

-        if self.warn_anonwrite:
+        if self.warn_anonwrite and verbosity > 4:
            if not self.args.no_voldump:
                self.log(t)

@@ -2042,7 +2105,7 @@ class AuthSrv(object):

        try:
            zv, _ = vfs.get("", "*", False, True, err=999)
-            if self.warn_anonwrite and os.getcwd() == zv.realpath:
+            if self.warn_anonwrite and verbosity > 4 and os.getcwd() == zv.realpath:
                t = "anyone can write to the current directory: {}\n"
                self.log(t.format(zv.realpath), c=1)

@@ -2069,6 +2132,7 @@ class AuthSrv(object):

        self.vfs = vfs
        self.acct = acct
+        self.defpw = defpw
        self.grps = grps
        self.iacct = {v: k for k, v in acct.items()}

@@ -2089,6 +2153,155 @@ class AuthSrv(object):
                MIMES[ext] = mime
            EXTS.update({v: k for k, v in MIMES.items()})

+        if enshare:
+            # hide shares from controlpanel
+            vfs.all_vols = {
+                x: y
+                for x, y in vfs.all_vols.items()
+                if x != shr and not x.startswith(shrs)
+            }
+
+            assert cur  # type: ignore
+            assert shv  # type: ignore
+            for row in cur.execute("select * from sh"):
+                s_k, s_pw, s_vp, s_pr, s_st, s_un, s_t0, s_t1 = row
+                shn = shv.nodes.get(s_k, None)
+                if not shn:
+                    continue
+
+                try:
+                    s_vfs, s_rem = vfs.get(
+                        s_vp, s_un, "r" in s_pr, "w" in s_pr, "m" in s_pr, "d" in s_pr
+                    )
+                except Exception as ex:
+                    t = "removing share [%s] by [%s] to [%s] due to %r"
+                    self.log(t % (s_k, s_un, s_vp, ex), 3)
+                    shv.nodes.pop(s_k)
+                    continue
+
+                shn.shr_src = (s_vfs, s_rem)
+                shn.realpath = s_vfs.canonical(s_rem)
+
+                if self.args.shr_v:
+                    t = "mapped %s share [%s] by [%s] => [%s] => [%s]"
+                    self.log(t % (s_pr, s_k, s_un, s_vp, shn.realpath))
+
+            # transplant shadowing into shares
+            for vn in shv.nodes.values():
+                svn, srem = vn.shr_src  # type: ignore
+                if srem:
+                    continue  # free branch, safe
+                ap = svn.canonical(srem)
+                if bos.path.isfile(ap):
+                    continue  # also fine
+                for zs in svn.nodes.keys():
+                    # hide subvolume
+                    vn.nodes[zs] = VFS(self.log_func, "", "", AXS(), {})
+
+    def chpw(self, broker: Optional["BrokerCli"], uname, pw) -> tuple[bool, str]:
+        if not self.args.chpw:
+            return False, "feature disabled in server config"
+
+        if uname == "*" or uname not in self.defpw:
+            return False, "not logged in"
+
+        if uname in self.args.chpw_no:
+            return False, "not allowed for this account"
+
+        if len(pw) < self.args.chpw_len:
+            t = "minimum password length: %d characters"
+            return False, t % (self.args.chpw_len,)
+
+        hpw = self.ah.hash(pw) if self.ah.on else pw
+
+        if hpw == self.acct[uname]:
+            return False, "that's already your password my dude"
+
+        if hpw in self.iacct:
+            return False, "password is taken"
+
+        with self.mutex:
+            ap = self.args.chpw_db
+            if not bos.path.exists(ap):
+                pwdb = {}
+            else:
+                with open(ap, "r", encoding="utf-8") as f:
+                    pwdb = json.load(f)
+
+            pwdb = [x for x in pwdb if x[0] != uname]
+            pwdb.append((uname, self.defpw[uname], hpw))
+
+            with open(ap, "w", encoding="utf-8") as f:
+                json.dump(pwdb, f, separators=(",\n", ": "))
+
+            self.log("reinitializing due to password-change for user [%s]" % (uname,))
+
+            if not broker:
+                # only true for tests
+                self._reload()
+                return True, "new password OK"
+
+        broker.ask("_reload_blocking", False, False).get()
+        return True, "new password OK"
+
+    def setup_chpw(self, acct: dict[str, str]) -> None:
+        ap = self.args.chpw_db
+        if not self.args.chpw or not bos.path.exists(ap):
+            return
+
+        with open(ap, "r", encoding="utf-8") as f:
+            pwdb = json.load(f)
+
+        useen = set()
+        urst = set()
+        uok = set()
+        for usr, orig, mod in pwdb:
+            useen.add(usr)
+            if usr not in acct:
+                # previous user, no longer known
+                continue
+            if acct[usr] != orig:
+                urst.add(usr)
+                continue
+            uok.add(usr)
+            acct[usr] = mod
+
+        if not self.args.chpw_v:
+            return
+
+        for usr in acct:
+            if usr not in useen:
+                urst.add(usr)
+
+        for zs in uok:
+            urst.discard(zs)
+
+        if self.args.chpw_v == 1 or (self.args.chpw_v == 2 and not urst):
+            t = "chpw: %d changed, %d unchanged"
+            self.log(t % (len(uok), len(urst)))
+            return
+
+        elif self.args.chpw_v == 2:
+            t = "chpw: %d changed" % (len(uok))
+            if urst:
+                t += ", \033[0munchanged:\033[35m %s" % (", ".join(list(urst)))
+
+            self.log(t, 6)
+            return
+
+        msg = ""
+        if uok:
+            t = "\033[0mchanged: \033[32m%s"
+            msg += t % (", ".join(list(uok)),)
+        if urst:
+            t = "%s\033[0munchanged: \033[35m%s"
+            msg += t % (
+                ", " if msg else "",
+                ", ".join(list(urst)),
+            )
+
+        self.log("chpw: " + msg, 6)
+
    def setup_pwhash(self, acct: dict[str, str]) -> None:
        self.ah = PWHash(self.args)
        if not self.ah.on:
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -45,6 +45,7 @@ from .util import unquote  # type: ignore
 from .util import (
    APPLESAN_RE,
    BITNESS,
+    HAVE_SQLITE3,
    HTTPCODE,
    META_NOBOTS,
    UTC,
@@ -454,7 +455,7 @@ class HttpCli(object):
                t = "incorrect --rp-loc or webserver config; expected vpath starting with [{}] but got [{}]"
                self.log(t.format(self.args.R, vpath), 1)

-        self.ouparam = {k: zs for k, zs in uparam.items()}
+        self.ouparam = uparam.copy()

        if self.args.rsp_slp:
            time.sleep(self.args.rsp_slp)
@@ -463,6 +464,9 @@ class HttpCli(object):

        zso = self.headers.get("cookie")
        if zso:
+            if len(zso) > 8192:
+                self.loud_reply("cookie header too big", status=400)
+                return False
            zsll = [x.split("=", 1) for x in zso.split(";") if "=" in x]
            cookies = {k.strip(): unescape_cookie(zs) for k, zs in zsll}
            cookie_pw = cookies.get("cppws") or cookies.get("cppwd") or ""
@@ -968,10 +972,10 @@ class HttpCli(object):
        status: int = 200,
        use302: bool = False,
    ) -> bool:
-        vp = self.args.RS + vpath
+        vp = self.args.SRS + vpath
        html = self.j2s(
            "msg",
-            h2='<a href="/{}">{} /{}</a>'.format(
+            h2='<a href="{}">{} {}</a>'.format(
                quotep(vp) + suf, flavor, html_escape(vp, crlf=True) + suf
            ),
            pre=msg,
@@ -979,7 +983,7 @@ class HttpCli(object):
        ).encode("utf-8", "replace")

        if use302:
-            self.reply(html, status=302, headers={"Location": "/" + vpath})
+            self.reply(html, status=302, headers={"Location": vp})
        else:
            self.reply(html, status=status)

@@ -1141,7 +1145,7 @@ class HttpCli(object):
            if "move" in self.uparam:
                return self.handle_mv()

-        if not self.vpath:
+        if not self.vpath and self.ouparam:
            if "reload" in self.uparam:
                return self.handle_reload()

@@ -1163,23 +1167,12 @@ class HttpCli(object):
            if "hc" in self.uparam:
                return self.tx_svcs()

+            if "shares" in self.uparam:
+                return self.tx_shares()
+
        if "h" in self.uparam:
            return self.tx_mounts()

-        # conditional redirect to single volumes
-        if not self.vpath and not self.ouparam:
-            nread = len(self.rvol)
-            nwrite = len(self.wvol)
-            if nread + nwrite == 1 or (self.rvol == self.wvol and nread == 1):
-                if nread == 1:
-                    vpath = self.rvol[0]
-                else:
-                    vpath = self.wvol[0]
-
-                if self.vpath != vpath:
-                    self.redirect(vpath, flavor="redirecting to", use302=True)
-                    return True
-
        return self.tx_browser()

    def handle_propfind(self) -> bool:
@@ -1618,6 +1611,9 @@ class HttpCli(object):
        if "delete" in self.uparam:
            return self.handle_rm([])

+        if "unshare" in self.uparam:
+            return self.handle_unshare()
+
        if "application/octet-stream" in ctype:
            return self.handle_post_binary()

@@ -2089,6 +2085,9 @@ class HttpCli(object):
        if act == "zip":
            return self.handle_zip_post()

+        if act == "chpw":
+            return self.handle_chpw()
+
        raise Pebkac(422, 'invalid action "{}"'.format(act))

    def handle_zip_post(self) -> bool:
@@ -2147,6 +2146,9 @@ class HttpCli(object):
        if "srch" in self.uparam or "srch" in body:
            return self.handle_search(body)

+        if "share" in self.uparam:
+            return self.handle_share(body)
+
        if "delete" in self.uparam:
            return self.handle_rm(body)

@@ -2203,7 +2205,9 @@ class HttpCli(object):
    def handle_search(self, body: dict[str, Any]) -> bool:
        idx = self.conn.get_u2idx()
        if not idx or not hasattr(idx, "p_end"):
-            raise Pebkac(500, "server busy, or sqlite3 not available; cannot search")
+            if not HAVE_SQLITE3:
+                raise Pebkac(500, "sqlite3 not found on server; search is disabled")
+            raise Pebkac(500, "server busy, cannot search; please retry in a bit")

        vols: list[VFS] = []
        seen: dict[VFS, bool] = {}
@@ -2393,6 +2397,22 @@ class HttpCli(object):
        self.reply(b"thank")
        return True

+    def handle_chpw(self) -> bool:
+        assert self.parser
+        pwd = self.parser.require("pw", 64)
+        self.parser.drop()
+
+        ok, msg = self.asrv.chpw(self.conn.hsrv.broker, self.uname, pwd)
+        if ok:
+            ok, msg = self.get_pwd_cookie(pwd)
+            if ok:
+                msg = "new password OK"
+
+        redir = (self.args.SRS + "?h") if ok else ""
+        html = self.j2s("msg", h1=msg, h2='<a href="/?h">ack</a>', redir=redir)
+        self.reply(html.encode("utf-8"))
+        return True
+
    def handle_login(self) -> bool:
        assert self.parser
        pwd = self.parser.require("cppwd", 64)
@@ -2417,12 +2437,12 @@ class HttpCli(object):
            dst += "&" if "?" in dst else "?"
            dst += "_=1#" + html_escape(uhash, True, True)

-        msg = self.get_pwd_cookie(pwd)
+        _, msg = self.get_pwd_cookie(pwd)
        html = self.j2s("msg", h1=msg, h2='<a href="' + dst + '">ack</a>', redir=dst)
        self.reply(html.encode("utf-8"))
        return True

-    def get_pwd_cookie(self, pwd: str) -> str:
+    def get_pwd_cookie(self, pwd: str) -> tuple[bool, str]:
        hpwd = self.asrv.ah.hash(pwd)
        uname = self.asrv.iacct.get(hpwd)
        if uname:
@@ -2454,7 +2474,7 @@ class HttpCli(object):
            ck = gencookie(k, pwd, self.args.R, self.is_https, dur, "; HttpOnly")
            self.out_headerlist.append(("Set-Cookie", ck))

-        return msg
+        return dur > 0, msg

    def handle_mkdir(self) -> bool:
        assert self.parser
@@ -2493,7 +2513,7 @@ class HttpCli(object):
            except:
                raise Pebkac(500, min_ex())

-        self.out_headers["X-New-Dir"] = quotep(vpath)
+        self.out_headers["X-New-Dir"] = quotep(self.args.RS + vpath)

        if dav:
            self.reply(b"", 201)
@@ -3948,6 +3968,7 @@ class HttpCli(object):
            k304=self.k304(),
            k304vis=self.args.k304 > 0,
            ver=S_VERSION if self.args.ver else "",
+            chpw=self.args.chpw and self.uname != "*",
            ahttps="" if self.is_https else "https://" + self.host + self.req,
        )
        self.reply(html.encode("utf-8"))
@@ -4082,7 +4103,9 @@ class HttpCli(object):
            dst = dst[len(top) + 1 :]

        ret = self.gen_tree(top, dst, self.uparam.get("k", ""))
-        if self.is_vproxied:
+        if self.is_vproxied and not self.uparam["tree"]:
+            # uparam is '' on initial load, which is
+            # the only time we gotta fill in the blanks
            parents = self.args.R.split("/")
            for parent in reversed(parents):
                ret = {"k%s" % (parent,): ret, "a": []}
@@ -4157,7 +4180,9 @@ class HttpCli(object):
    def tx_ups(self) -> bool:
        idx = self.conn.get_u2idx()
        if not idx or not hasattr(idx, "p_end"):
-            raise Pebkac(500, "sqlite3 is not available on the server; cannot unpost")
+            if not HAVE_SQLITE3:
+                raise Pebkac(500, "sqlite3 not found on server; unpost is disabled")
+            raise Pebkac(500, "server busy, cannot unpost; please retry in a bit")

        filt = self.uparam.get("filter") or ""
        lm = "ups [{}]".format(filt)
@@ -4246,6 +4271,137 @@ class HttpCli(object):
        self.reply(jtxt.encode("utf-8", "replace"), mime="application/json")
        return True

+    def tx_shares(self) -> bool:
+        if self.uname == "*":
+            self.loud_reply("you're not logged in")
+            return True
+
+        idx = self.conn.get_u2idx()
+        if not idx or not hasattr(idx, "p_end"):
+            if not HAVE_SQLITE3:
+                raise Pebkac(500, "sqlite3 not found on server; sharing is disabled")
+            raise Pebkac(500, "server busy, cannot list shares; please retry in a bit")
+
+        cur = idx.get_shr()
+        if not cur:
+            raise Pebkac(400, "huh, sharing must be disabled in the server config...")
+
+        rows = cur.execute("select * from sh").fetchall()
+        rows = [list(x) for x in rows]
+
+        if self.uname != self.args.shr_adm:
+            rows = [x for x in rows if x[5] == self.uname]
+
+        for x in rows:
+            x[1] = "yes" if x[1] else ""
+
+        html = self.j2s(
+            "shares", this=self, shr=self.args.shr, rows=rows, now=int(time.time())
+        )
+        self.reply(html.encode("utf-8"), status=200)
+        return True
+
+    def handle_unshare(self) -> bool:
+        idx = self.conn.get_u2idx()
+        if not idx or not hasattr(idx, "p_end"):
+            if not HAVE_SQLITE3:
+                raise Pebkac(500, "sqlite3 not found on server; sharing is disabled")
+            raise Pebkac(500, "server busy, cannot create share; please retry in a bit")
+
+        if self.args.shr_v:
+            self.log("handle_unshare: " + self.req)
+
+        cur = idx.get_shr()
+        if not cur:
+            raise Pebkac(400, "huh, sharing must be disabled in the server config...")
+
+        skey = self.vpath.split("/")[-1]
+
+        uns = cur.execute("select un from sh where k = ?", (skey,)).fetchall()
+        un = uns[0][0] if uns and uns[0] else ""
+
+        if not un:
+            raise Pebkac(400, "that sharekey didn't match anything")
+
+        if un != self.uname and self.uname != self.args.shr_adm:
+            t = "your username (%r) does not match the sharekey's owner (%r) and you're not admin"
+            raise Pebkac(400, t % (self.uname, un))
+
+        cur.execute("delete from sh where k = ?", (skey,))
+        cur.connection.commit()
+
+        self.redirect(self.args.SRS + "?shares")
+        return True
+
+    def handle_share(self, req: dict[str, str]) -> bool:
+        idx = self.conn.get_u2idx()
+        if not idx or not hasattr(idx, "p_end"):
+            if not HAVE_SQLITE3:
+                raise Pebkac(500, "sqlite3 not found on server; sharing is disabled")
+            raise Pebkac(500, "server busy, cannot create share; please retry in a bit")
+
+        if self.args.shr_v:
+            self.log("handle_share: " + json.dumps(req, indent=4))
+
+        skey = req["k"]
+        vp = req["vp"].strip("/")
+        if self.is_vproxied and (vp == self.args.R or vp.startswith(self.args.RS)):
+            vp = vp[len(self.args.RS) :]
+
+        m = re.search(r"([^0-9a-zA-Z_\.-]|\.\.|^\.)", skey)
+        if m:
+            raise Pebkac(400, "sharekey has illegal character [%s]" % (m[1],))
+
+        if vp.startswith(self.args.shr[1:]):
+            raise Pebkac(400, "yo dawg...")
+
+        cur = idx.get_shr()
+        if not cur:
+            raise Pebkac(400, "huh, sharing must be disabled in the server config...")
+
+        q = "select * from sh where k = ?"
+        qr = cur.execute(q, (skey,)).fetchall()
+        if qr and qr[0]:
+            self.log("sharekey taken by %r" % (qr,))
+            raise Pebkac(400, "sharekey [%s] is already in use" % (skey,))
+
+        # ensure user has requested perms
+        s_rd = "read" in req["perms"]
+        s_wr = "write" in req["perms"]
+        s_mv = "move" in req["perms"]
+        s_del = "delete" in req["perms"]
+        try:
+            vfs, rem = self.asrv.vfs.get(vp, self.uname, s_rd, s_wr, s_mv, s_del)
+        except:
+            raise Pebkac(400, "you dont have all the perms you tried to grant")
+
+        ap = vfs.canonical(rem)
+        st = bos.stat(ap)
+        ist = 2 if stat.S_ISDIR(st.st_mode) else 1
+
+        pw = req.get("pw") or ""
+        now = int(time.time())
+        sexp = req["exp"]
+        exp = now + int(sexp) * 60 if sexp else 0
+        pr = "".join(zc for zc, zb in zip("rwmd", (s_rd, s_wr, s_mv, s_del)) if zb)
+
+        q = "insert into sh values (?,?,?,?,?,?,?,?)"
+        cur.execute(q, (skey, pw, vp, pr, ist, self.uname, now, exp))
+        cur.connection.commit()
+
+        self.conn.hsrv.broker.ask("_reload_blocking", False, False).get()
+        self.conn.hsrv.broker.ask("up2k.wake_rescanner").get()
+
+        surl = "%s://%s%s%s%s" % (
+            "https" if self.is_https else "http",
+            self.host,
+            self.args.SR,
+            self.args.shr,
+            skey,
+        )
+        self.loud_reply(surl, status=201)
+        return True
+
    def handle_rm(self, req: list[str]) -> bool:
        if not req and not self.can_delete:
            raise Pebkac(403, "not allowed for user " + self.uname)
@@ -4644,6 +4800,7 @@ class HttpCli(object):
            "have_mv": (not self.args.no_mv),
            "have_del": (not self.args.no_del),
            "have_zip": (not self.args.no_zip),
+            "have_shr": self.args.shr,
            "have_unpost": int(self.args.unpost),
            "sb_md": "" if "no_sb_md" in vf else (vf.get("md_sbf") or "y"),
            "dgrid": "grid" in vf,
--- a/copyparty/httpsrv.py
+++ b/copyparty/httpsrv.py
@@ -154,7 +154,17 @@ class HttpSrv(object):

        env = jinja2.Environment()
        env.loader = jinja2.FileSystemLoader(os.path.join(self.E.mod, "web"))
-        jn = ["splash", "svcs", "browser", "browser2", "msg", "md", "mde", "cf"]
+        jn = [
+            "splash",
+            "shares",
+            "svcs",
+            "browser",
+            "browser2",
+            "msg",
+            "md",
+            "mde",
+            "cf",
+        ]
        self.j2 = {x: env.get_template(x + ".html") for x in jn}
        zs = os.path.join(self.E.mod, "web", "deps", "prism.js.gz")
        self.prism = os.path.exists(zs)
@@ -365,7 +375,7 @@ class HttpSrv(object):
                        cip = cip[7:]
                    addr = (cip, saddr[1])
                else:
-                    addr = (ip, sck.fileno())
+                    addr = ("127.8.3.7", sck.fileno())
            except (OSError, socket.error) as ex:
                if self.stopping:
                    break
--- a/copyparty/svchub.py
+++ b/copyparty/svchub.py
@@ -208,6 +208,20 @@ class SvcHub(object):
            t = "WARNING: --s-rd-sz (%d) is larger than --iobuf (%d); this may lead to reduced performance"
            self.log("root", t % (args.s_rd_sz, args.iobuf), 3)

+        if args.chpw and args.idp_h_usr:
+            t = "ERROR: user-changeable passwords is incompatible with IdP/identity-providers; you must disable either --chpw or --idp-h-usr"
+            self.log("root", t, 1)
+            raise Exception(t)
+
+        noch = set()
+        for zs in args.chpw_no or []:
+            zsl = [x.strip() for x in zs.split(",")]
+            noch.update([x for x in zsl if x])
+        args.chpw_no = noch
+
+        if args.shr:
+            self.setup_share_db()
+
        bri = "zy"[args.theme % 2 :][:1]
        ch = "abcdefghijklmnopqrstuvwx"[int(args.theme / 2)]
        args.theme = "{0}{1} {0} {1}".format(ch, bri)
@@ -353,6 +367,61 @@ class SvcHub(object):

        self.broker = Broker(self)

+    def setup_share_db(self) -> None:
+        al = self.args
+        if not HAVE_SQLITE3:
+            self.log("root", "sqlite3 not available; disabling --shr", 1)
+            al.shr = ""
+            return
+
+        import sqlite3
+
+        al.shr = "/%s/" % (al.shr.strip("/"))
+
+        create = True
+        db_path = self.args.shr_db
+        self.log("root", "initializing shares-db %s" % (db_path,))
+        for n in range(2):
+            try:
+                db = sqlite3.connect(db_path)
+                cur = db.cursor()
+                try:
+                    cur.execute("select count(*) from sh").fetchone()
+                    create = False
+                    break
+                except:
+                    pass
+            except Exception as ex:
+                if n:
+                    raise
+                t = "shares-db corrupt; deleting and recreating: %r"
+                self.log("root", t % (ex,), 3)
+                try:
+                    cur.close()  # type: ignore
+                except:
+                    pass
+                try:
+                    db.close()  # type: ignore
+                except:
+                    pass
+                os.unlink(db_path)
+
+        assert db  # type: ignore
+        assert cur  # type: ignore
+        if create:
+            for cmd in [
+                # sharekey, password, src, perms, type, owner, created, expires
+                r"create table sh (k text, pw text, vp text, pr text, st int, un text, t0 int, t1 int)",
+                r"create table kv (k text, v int)",
+                r"insert into kv values ('sver', {})".format(1),
+            ]:
+                cur.execute(cmd)
+            db.commit()
+            self.log("root", "created new shares-db")
+
+        cur.close()
+        db.close()
+
    def start_ftpd(self) -> None:
        time.sleep(30)

@@ -815,18 +884,21 @@ class SvcHub(object):
        Daemon(self._reload, "reloading")
        return "reload initiated"

-    def _reload(self, rescan_all_vols: bool = True) -> None:
+    def _reload(self, rescan_all_vols: bool = True, up2k: bool = True) -> None:
        with self.up2k.mutex:
            if self.reloading != 1:
                return
            self.reloading = 2
            self.log("root", "reloading config")
-            self.asrv.reload()
-            self.up2k.reload(rescan_all_vols)
+            self.asrv.reload(9 if up2k else 4)
+            if up2k:
+                self.up2k.reload(rescan_all_vols)
+            else:
+                self.log("root", "reload done")
            self.broker.reload()
            self.reloading = 0

-    def _reload_blocking(self, rescan_all_vols: bool = True) -> None:
+    def _reload_blocking(self, rescan_all_vols: bool = True, up2k: bool = True) -> None:
        while True:
            with self.up2k.mutex:
                if self.reloading < 2:
@@ -837,7 +909,7 @@ class SvcHub(object):
        # try to handle multiple pending IdP reloads at once:
        time.sleep(0.2)

-        self._reload(rescan_all_vols=rescan_all_vols)
+        self._reload(rescan_all_vols=rescan_all_vols, up2k=up2k)

    def stop_thr(self) -> None:
        while not self.stop_req:
--- a/copyparty/tcpsrv.py
+++ b/copyparty/tcpsrv.py
@@ -226,10 +226,22 @@ class TcpSrv(object):
        self.log("tcpsrv", msg, c)

    def _listen(self, ip: str, port: int) -> None:
+        uds_perm = uds_gid = -1
        if "unix:" in ip:
            tcp = False
            ipv = socket.AF_UNIX
-            ip = ip.split("unix:")[1]
+            uds = ip.split(":")
+            ip = uds[-1]
+            if len(uds) > 2:
+                uds_perm = int(uds[1], 8)
+            if len(uds) > 3:
+                try:
+                    uds_gid = int(uds[2])
+                except:
+                    import grp
+
+                    uds_gid = grp.getgrnam(uds[2]).gr_gid
+
        elif ":" in ip:
            tcp = True
            ipv = socket.AF_INET6
@@ -265,7 +277,13 @@ class TcpSrv(object):
                    srv.bind(ip)
                else:
                    tf = "%s.%d" % (ip, os.getpid())
+                    if os.path.exists(tf):
+                        os.unlink(tf)
                    srv.bind(tf)
+                    if uds_gid != -1:
+                        os.chown(tf, -1, uds_gid)
+                    if uds_perm != -1:
+                        os.chmod(tf, uds_perm)
                    atomic_move(self.nlog, tf, ip, VF_CAREFUL)

            sport = srv.getsockname()[1] if tcp else port
--- a/copyparty/u2idx.py
+++ b/copyparty/u2idx.py
@@ -59,6 +59,8 @@ class U2idx(object):
        self.mem_cur = sqlite3.connect(":memory:", check_same_thread=False).cursor()
        self.mem_cur.execute(r"create table a (b text)")

+        self.sh_cur: Optional["sqlite3.Cursor"] = None
+
        self.p_end = 0.0
        self.p_dur = 0.0

@@ -95,17 +97,31 @@ class U2idx(object):
        except:
            raise Pebkac(500, min_ex())

-    def get_cur(self, vn: VFS) -> Optional["sqlite3.Cursor"]:
-        if not HAVE_SQLITE3:
+    def get_shr(self) -> Optional["sqlite3.Cursor"]:
+        if self.sh_cur:
+            return self.sh_cur
+
+        if not HAVE_SQLITE3 or not self.args.shr:
            return None

+        assert sqlite3  # type: ignore
+
+        db = sqlite3.connect(self.args.shr_db, timeout=2, check_same_thread=False)
+        cur = db.cursor()
+        cur.execute('pragma table_info("sh")').fetchall()
+        self.sh_cur = cur
+        return cur
+
+    def get_cur(self, vn: VFS) -> Optional["sqlite3.Cursor"]:
        cur = self.cur.get(vn.realpath)
        if cur:
            return cur

-        if "e2d" not in vn.flags:
+        if not HAVE_SQLITE3 or "e2d" not in vn.flags:
            return None

+        assert sqlite3  # type: ignore
+
        ptop = vn.realpath
        histpath = self.asrv.vfs.histtab.get(ptop)
        if not histpath:
--- a/copyparty/up2k.py
+++ b/copyparty/up2k.py
@@ -454,11 +454,16 @@ class Up2k(object):
            cooldown = now + 3
            # self.log("SR", 5)

-            if self.args.no_lifetime:
+            if self.args.no_lifetime and not self.args.shr:
                timeout = now + 9001
            else:
                # important; not deferred by db_act
                timeout = self._check_lifetimes()
+                try:
+                    timeout = min(self._check_shares(), timeout)
+                except Exception as ex:
+                    t = "could not check for expiring shares: %r"
+                    self.log(t % (ex,), 1)

            try:
                timeout = min(timeout, now + self._check_xiu())
@@ -561,6 +566,34 @@ class Up2k(object):

        return timeout

+    def _check_shares(self) -> float:
+        assert sqlite3  # type: ignore
+
+        now = time.time()
+        timeout = now + 9001
+
+        db = sqlite3.connect(self.args.shr_db, timeout=2)
+        cur = db.cursor()
+
+        q = "select k from sh where t1 and t1 <= ?"
+        rm = [x[0] for x in cur.execute(q, (now,))]
+        if rm:
+            self.log("forgetting expired shares %s" % (rm,))
+            q = "delete from sh where k=?"
+            cur.executemany(q, [(x,) for x in rm])
+            db.commit()
+            Daemon(self.hub._reload_blocking, "sharedrop", (False, False))
+
+        q = "select min(t1) from sh where t1 > 1"
+        (earliest,) = cur.execute(q).fetchone()
+        if earliest:
+            timeout = earliest - now
+
+        cur.close()
+        db.close()
+
+        return timeout
+
    def _check_xiu(self) -> float:
        if self.xiu_busy:
            return 2
@@ -2535,6 +2568,10 @@ class Up2k(object):

        cur.connection.commit()

+    def wake_rescanner(self):
+        with self.rescan_cond:
+            self.rescan_cond.notify_all()
+
    def handle_json(
        self, cj: dict[str, Any], busy_aps: dict[str, int]
    ) -> dict[str, Any]:
@@ -2564,7 +2601,10 @@ class Up2k(object):

        return ret

-    def _handle_json(self, cj: dict[str, Any]) -> dict[str, Any]:
+    def _handle_json(self, cj: dict[str, Any], depth: int = 1) -> dict[str, Any]:
+        if depth > 16:
+            raise Pebkac(500, "too many xbu relocs, giving up")
+
        ptop = cj["ptop"]
        if not self.register_vpath(ptop, cj["vcfg"]):
            if ptop not in self.registry:
@@ -2757,7 +2797,8 @@ class Up2k(object):
                        job = deepcopy(job)
                        job["wark"] = wark
                        job["at"] = cj.get("at") or time.time()
-                        for k in "lmod ptop vtop prel name host user addr".split():
+                        zs = "lmod ptop vtop prel name host user addr poke"
+                        for k in zs.split():
                            job[k] = cj.get(k) or ""

                        pdir = djoin(cj["ptop"], cj["prel"])
@@ -2794,12 +2835,18 @@ class Up2k(object):
                            if hr.get("reloc"):
                                x = pathmod(self.asrv.vfs, dst, vp, hr["reloc"])
                                if x:
+                                    zvfs = vfs
                                    pdir, _, job["name"], (vfs, rem) = x
                                    dst = os.path.join(pdir, job["name"])
+                                    job["vcfg"] = vfs.flags
                                    job["ptop"] = vfs.realpath
                                    job["vtop"] = vfs.vpath
                                    job["prel"] = rem
-                                    bos.makedirs(pdir)
+                                    if zvfs.vpath != vfs.vpath:
+                                        # print(json.dumps(job, sort_keys=True, indent=4))
+                                        job["hash"] = cj["hash"]
+                                        self.log("xbu reloc1:%d..." % (depth,), 6)
+                                        return self._handle_json(job, depth + 1)

                        job["name"] = self._untaken(pdir, job, now)

@@ -2880,7 +2927,9 @@ class Up2k(object):
                        lut.add(k)

                try:
-                    self._new_upload(job)
+                    ret = self._new_upload(job, vfs, depth)
+                    if ret:
+                        return ret  # xbu recursed
                except:
                    self.registry[job["ptop"]].pop(job["wark"], None)
                    raise
@@ -4176,22 +4225,17 @@ class Up2k(object):

        return ret

-    def _new_upload(self, job: dict[str, Any]) -> None:
+    def _new_upload(self, job: dict[str, Any], vfs: VFS, depth: int) -> dict[str, str]:
        pdir = djoin(job["ptop"], job["prel"])
        if not job["size"]:
            try:
                inf = bos.stat(djoin(pdir, job["name"]))
                if stat.S_ISREG(inf.st_mode):
                    job["lmod"] = inf.st_size
-                    return
+                    return {}
            except:
                pass

-        self.registry[job["ptop"]][job["wark"]] = job
-        job["name"] = self._untaken(pdir, job, job["t0"])
-        # if len(job["name"].split(".")) > 8:
-        #    raise Exception("aaa")
-
        xbu = self.flags[job["ptop"]].get("xbu")
        ap_chk = djoin(pdir, job["name"])
        vp_chk = djoin(job["vtop"], job["prel"], job["name"])
@@ -4220,10 +4264,18 @@ class Up2k(object):
            if hr.get("reloc"):
                x = pathmod(self.asrv.vfs, ap_chk, vp_chk, hr["reloc"])
                if x:
+                    zvfs = vfs
                    pdir, _, job["name"], (vfs, rem) = x
+                    job["vcfg"] = vfs.flags
                    job["ptop"] = vfs.realpath
                    job["vtop"] = vfs.vpath
                    job["prel"] = rem
+                    if zvfs.vpath != vfs.vpath:
+                        self.log("xbu reloc2:%d..." % (depth,), 6)
+                        return self._handle_json(job, depth + 1)
+
+        job["name"] = self._untaken(pdir, job, job["t0"])
+        self.registry[job["ptop"]][job["wark"]] = job

        tnam = job["name"] + ".PARTIAL"
        if self.args.dotpart:
@@ -4233,7 +4285,7 @@ class Up2k(object):
            job["tnam"] = tnam
            if not job["hash"]:
                del self.registry[job["ptop"]][job["wark"]]
-            return
+            return {}

        if self.args.plain_ip:
            dip = job["addr"].replace(":", ".")
@@ -4293,6 +4345,8 @@ class Up2k(object):
        if not job["hash"]:
            self._finish_upload(job["ptop"], job["wark"])

+        return {}
+
    def _snapshot(self) -> None:
        slp = self.args.snap_wri
        if not slp or self.args.no_snap:
--- a/copyparty/util.py
+++ b/copyparty/util.py
@@ -1760,7 +1760,7 @@ def read_header(sr: Unrecv, t_idle: int, t_tot: int) -> list[str]:

        ofs = ret.find(b"\r\n\r\n")
        if ofs < 0:
-            if len(ret) > 1024 * 64:
+            if len(ret) > 1024 * 32:
                raise Pebkac(400, "header 2big")
            else:
                continue
--- a/copyparty/web/browser.css
+++ b/copyparty/web/browser.css
@@ -10,7 +10,6 @@
 	--fg2-max: #fff;
 	--fg-weak: #bbb;

-	--bg-u7: #555;
 	--bg-u6: #4c4c4c;
 	--bg-u5: #444;
 	--bg-u4: #383838;
@@ -43,8 +42,14 @@
 	--btn-h-bg: #805;
 	--btn-1-fg: #400;
 	--btn-1-bg: var(--a);
+	--btn-h-bs: var(--btn-bs);
+	--btn-h-bb: var(--btn-bb);
+	--btn-1-bs: var(--btn-bs);
+	--btn-1-bb: var(--btn-bb);
 	--btn-1h-fg: var(--btn-1-fg);
 	--btn-1h-bg: #fe8;
+	--btn-1h-bs: var(--btn-1-bs);
+	--btn-1h-bb: var(--btn-1-bb);
 	--chk-fg: var(--tab-alt);
 	--txt-sh: var(--bg-d2);
 	--txt-bg: var(--btn-bg);
@@ -212,22 +217,19 @@ html.y {
 html.a {
 	--op-aa-sh: 0 0 .2em var(--bg-d3) inset;

-	--u2-o-bg: #603;
-	--u2-o-b1: #a16;
-	--u2-o-sh: #a00;
-	--u2-o-h-bg: var(--u2-o-bg);
-	--u2-o-h-b1: #fb0;
-	--u2-o-h-sh: #fb0;
-	--u2-o-1-bg: #6a1;
-	--u2-o-1-b1: #efa;
-	--u2-o-1-sh: #0c0;
-	--u2-o-1h-bg: var(--u2-o-1-bg);
+	--btn-bs: 0 0 .2em var(--bg-d3);
+}
+html.az {
+	--btn-1-bs: 0 0 .1em var(--fg) inset;
 }
 html.ay {
 	--op-aa-sh: 0 .1em .2em #ccc;
 	--op-aa-bg: var(--bg-max);
 }
 html.b {
+	--btn-bs: 0 .05em 0 var(--bg-d3) inset;
+	--btn-1-bs: 0 .05em 0 var(--btn-1h-bg) inset;
+
 	--tree-bg: var(--bg);

 	--g-bg: var(--bg);
@@ -244,17 +246,13 @@ html.b {
 	--u2-b1-bg: rgba(128,128,128,0.15);
 	--u2-b2-bg: var(--u2-b1-bg);

-	--u2-o-bg: var(--btn-bg);
-	--u2-o-h-bg: var(--btn-h-bg);
-	--u2-o-1-bg: var(--a);
-	--u2-o-1h-bg: var(--a-hil);
-
 	--f-sh1: 0.1;
 	--mp-b-bg: transparent;
 }
 html.bz {
 	--fg: #cce;
 	--fg-weak: #bbd;
+
 	--bg-u5: #3b3f58;
 	--bg-u4: #1e2130;
 	--bg-u3: #1e2130;
@@ -266,12 +264,14 @@ html.bz {

 	--row-alt: #181a27;

+	--a-b: #fb4;
+
 	--btn-bg: #202231;
 	--btn-h-bg: #2d2f45;
-	--btn-1-bg: #ba2959;
-	--btn-1-is: #f59;
-	--btn-1-fg: #fff;
+	--btn-1-bg: #eb6;
+	--btn-1-fg: #000;
 	--btn-1h-fg: #000;
+	--btn-1h-bg: #ff9;
 	--txt-sh: a;

 	--u2-tab-b1: var(--bg-u5);
@@ -306,6 +306,7 @@ html.by {
 }
 html.c {
 	font-weight: bold;
+
 	--fg: #fff;
 	--fg-weak: #cef;
 	--bg-u5: #409;
@@ -326,16 +327,23 @@ html.c {
 	--chk-fg: #d90;

 	--op-aa-bg: #f9dd22;
-	--u2-o-1-bg: #4cf;

 	--srv-1: #ea0;
 	--mp-b-bg: transparent;
 }
 html.cz {
 	--bgg: var(--bg-u2);
+
 	--sel-bg: var(--bg-u5);
 	--sel-fg: var(--fg);
+
+	--btn-bb: .2em solid #709;
+	--btn-bs: 0 .1em .6em rgba(255,0,185,0.5);
+	--btn-1-bb: .2em solid #e90;
+	--btn-1-bs: 0 .1em .8em rgba(255,205,0,0.9);
+
 	--srv-3: #fff;
+
 	--u2-tab-b1: var(--bg-d3);
 }
 html.cy {
@@ -363,6 +371,7 @@ html.cy {
 	--btn-h-fg: #fff;
 	--btn-1-bg: #ff0;
 	--btn-1-fg: #000;
+	--btn-bs: 0 .25em 0 #f00;
 	--chk-fg: #fd0;

 	--srv-1: #f00;
@@ -371,8 +380,6 @@ html.cy {

 	--u2-b1-bg: #f00;
 	--u2-b2-bg: #f00;
-	--u2-o-bg: #ff0;
-	--u2-o-1-bg: #f00;
 }
 html.dz {
 	--fg: #4d4;
@@ -380,7 +387,6 @@ html.dz {
 	--fg2-max: #fff;
 	--fg-weak: #2a2;

-	--bg-u7: #020;
 	--bg-u6: #020;
 	--bg-u5: #050;
 	--bg-u4: #020;
@@ -413,6 +419,9 @@ html.dz {
 	--btn-1-bg: #4f4;
 	--btn-1h-fg: var(--btn-1-fg);
 	--btn-1h-bg: #3f3;
+	--btn-bs: 0 0 0 .1em #080 inset;
+	--btn-1-bs: a;
+
 	--chk-fg: var(--tab-alt);
 	--txt-sh: var(--bg-d2);
 	--txt-bg: var(--btn-bg);
@@ -434,12 +443,6 @@ html.dz {
 	--u2-b-fg: #fff;
 	--u2-b1-bg: #3a3;
 	--u2-b2-bg: #3a3;
-	--u2-o-bg: var(--btn-bg);
-	--u2-o-b1: var(--bg-u5);
-	--u2-o-h-bg: var(--fg-weak);
-	--u2-o-1-bg: var(--fg-weak);
-	--u2-o-1-b1: var(--a);
-	--u2-o-1h-bg: var(--a);
 	--u2-inf-bg: #07a;
 	--u2-inf-b1: #0be;
 	--u2-ok-bg: #380;
@@ -551,10 +554,6 @@ html.dy {
 	--u2-tab-1-bg: a;
 	--u2-b1-bg: #000;
 	--u2-b2-bg: #000;
-	--u2-o-h-bg: #999;
-	--u2-o-1h-bg: #999;
-	--u2-o-bg: #eee;
-	--u2-o-1-bg: #000;

 	--ud-b1: a;

@@ -963,6 +962,8 @@ html.y #path a:hover {
 #files tbody tr.play a:hover {
 	color: var(--btn-1h-fg);
 	background: var(--btn-1h-bg);
+	box-shadow: var(--btn-1h-bs);
+	border-bottom: var(--btn-1h-bb);
 }
 #ggrid {
 	margin: -.2em -.5em;
@@ -971,6 +972,7 @@ html.y #path a:hover {
 	overflow: hidden;
 	display: block;
 	display: -webkit-box;
+	line-clamp: var(--grid-ln);
 	-webkit-line-clamp: var(--grid-ln);
 	-webkit-box-orient: vertical;
 	padding-top: .3em;
@@ -1145,6 +1147,7 @@ html.y #widget.open {
 	width: 100%;
 	height: 100%;
 }
+#fshr,
 #wtgrid,
 #wtico {
 	position: relative;
@@ -1331,6 +1334,7 @@ html.y #widget.open {
 #widget.cmp #wtoggle {
 	font-size: 1.2em;
 }
+#widget.cmp #fshr,
 #widget.cmp #wtgrid {
 	display: none;
 }
@@ -1431,7 +1435,11 @@ input[type="checkbox"]+label {
 input[type="radio"]:checked+label,
 input[type="checkbox"]:checked+label {
 	color: #0e0;
-	color: var(--a);
+	color: var(--btn-1-bg);
+}
+input[type="checkbox"]:checked+label {
+	box-shadow: var(--btn-1-bs);
+	border-bottom: var(--btn-1-bb);
 }
 html.dz input {
 	font-family: 'scp', monospace, monospace;
@@ -1609,6 +1617,8 @@ html {
 	color: var(--btn-fg);
 	background: #eee;
 	background: var(--btn-bg);
+	box-shadow: var(--btn-bs);
+	border-bottom: var(--btn-bb);
 	border-radius: .3em;
 	padding: .2em .4em;
 	font-size: 1.2em;
@@ -1622,20 +1632,14 @@ html.c .btn,
 html.a .btn {
 	border-radius: .2em;
 }
-html.cz .btn {
-	box-shadow: 0 .1em .6em rgba(255,0,185,0.5);
-	border-bottom: .2em solid #709;
-}
 html.dz .btn {
 	font-size: 1em;
-	box-shadow: 0 0 0 .1em #080 inset;
-}
-html.dz .tgl.btn.on {
-	box-shadow: 0 0 0 .1em var(--btn-1-bg) inset;
 }
 .btn:hover {
 	color: var(--btn-h-fg);
 	background: var(--btn-h-bg);
+	box-shadow: var(--btn-h-bs);
+	border-bottom: var(--btn-h-bb);
 }
 .tgl.btn.on {
 	background: #000;
@@ -1643,14 +1647,14 @@ html.dz .tgl.btn.on {
 	color: #fff;
 	color: var(--btn-1-fg);
 	text-shadow: none;
-}
-html.cz .tgl.btn.on {
-	box-shadow: 0 .1em .8em rgba(255,205,0,0.9);
-	border-bottom: .2em solid #e90;
+	box-shadow: var(--btn-1-bs);
+	border-bottom: var(--btn-1-bb);
 }
 .tgl.btn.on:hover {
-	background: var(--btn-1h-bg);
 	color: var(--btn-1h-fg);
+	background: var(--btn-1h-bg);
+	box-shadow: var(--btn-1h-bs);
+	border-bottom: var(--btn-1h-bb);
 }
 #detree {
 	padding: .3em .5em;
@@ -1855,6 +1859,7 @@ html.y #tree.nowrap .ntree a+a:hover {
 #unpost td:nth-child(4) {
 	text-align: right;
 }
+#shui,
 #rui {
 	background: #fff;
 	background: var(--bg);
@@ -1870,13 +1875,25 @@ html.y #tree.nowrap .ntree a+a:hover {
 	padding: 1em;
 	z-index: 765;
 }
+#shui div+div,
 #rui div+div {
 	margin-top: 1em;
 }
+#shui table,
 #rui table {
 	width: 100%;
 	border-collapse: collapse;
 }
+#shui button {
+	margin: 0 1em 0 0;
+}
+#shui .btn {
+	font-size: 1em;
+}
+#shui td {
+	padding: .8em 0;
+}
+#shui td+td,
 #rui td+td {
 	padding: .2em 0 .2em .5em;
 }
@@ -1884,10 +1901,15 @@ html.y #tree.nowrap .ntree a+a:hover {
 	font-family: 'scp', monospace, monospace;
 	font-family: var(--font-mono), 'scp', monospace, monospace;
 }
+#shui td+td,
 #rui td+td,
+#shui td input[type="text"],
 #rui td input[type="text"] {
 	width: 100%;
 }
+#shui td.exs input[type="text"] {
+	width: 3em;
+}
 #rn_f.m td:first-child {
 	white-space: nowrap;
 }
@@ -2682,23 +2704,25 @@ html.b #u2conf a.b:hover {
 #u2conf input[type="checkbox"]:checked+label {
 	position: relative;
 	cursor: pointer;
-	background: var(--u2-o-bg);
-	border-bottom: .2em solid var(--u2-o-b1);
-	box-shadow: 0 .1em .3em var(--u2-o-sh) inset;
+	background: var(--btn-bg);
+	box-shadow: var(--btn-bs);
+	border-bottom: var(--btn-bb);
 	text-shadow: 1px 1px 1px #000, 1px -1px 1px #000, -1px -1px 1px #000, -1px 1px 1px #000;
 }
 #u2conf input[type="checkbox"]:checked+label {
-	background: var(--u2-o-1-bg);
-	border-bottom: .2em solid var(--u2-o-1-b1);
-	box-shadow: 0 .1em .5em var(--u2-o-1-sh);
+	background: var(--btn-1-bg);
+	box-shadow: var(--btn-1-bs);
+	border-bottom: var(--btn-1-bb);
 }
 #u2conf input[type="checkbox"]+label:hover {
-	box-shadow: 0 .1em .3em var(--u2-o-h-sh);
-	border-color: var(--u2-o-h-b1);
-	background: var(--u2-o-h-bg);
+	background: var(--btn-h-bg);
+	box-shadow: var(--btn-h-bs);
+	border-bottom: var(--btn-h-bb);
 }
 #u2conf input[type="checkbox"]:checked+label:hover {
-	background: var(--u2-o-1h-bg);
+	background: var(--btn-1h-bg);
+	box-shadow: var(--btn-1h-bs);
+	border-bottom: var(--btn-1h-bb);
 }
 #op_up2k.srch #u2conf td:nth-child(2)>*,
 #op_up2k.srch #u2conf td:nth-child(3)>* {
@@ -3058,14 +3082,6 @@ html.b #ggrid>a {
 html.b .btn {
 	top: -.1em;
 }
-html.b .btn,
-html.b #u2conf a.b,
-html.b #u2conf input[type="checkbox"]:not(:checked)+label {
-	box-shadow: 0 .05em 0 var(--bg-d3) inset;
-}
-html.b .tgl.btn.on {
-	box-shadow: 0 .05em 0 var(--btn-1-is) inset;
-}
 html.b #op_up2k.srch sup {
 	color: #fc0;
 }
--- a/copyparty/web/browser.html
+++ b/copyparty/web/browser.html
@@ -67,14 +67,14 @@
 	<div id="op_up2k" class="opview"></div>

 	<div id="op_cfg" class="opview opbox opwide"></div>
-	
+
 	<h1 id="path">
 		<a href="#" id="entree">🌲</a>
 		{%- for n in vpnodes %}
 		<a href="{{ r }}/{{ n[0] }}">{{ n[1] }}</a>
 		{%- endfor %}
 	</h1>
-	
+
 	<div id="tree"></div>

 <div id="wrap">
@@ -118,11 +118,11 @@

 		</tbody>
 	</table>
-	
+
 	<div id="epi" class="logue">{{ "" if sb_lg else logues[1] }}</div>

 	<h2 id="wfp"><a href="{{ r }}/?h" id="goh">control-panel</a></h2>
-	
+
 	<a href="#" id="repl">π</a>

 </div>
--- a/copyparty/web/browser.js
+++ b/copyparty/web/browser.js
@@ -309,6 +309,11 @@ var Ls = {
 		"fd_emore": "select at least one item to delete",
 		"fc_emore": "select at least one item to cut",

+		"fs_sc": "share the folder you're in",
+		"fs_ss": "share the selected file/folder",
+		"fs_just1": "select one or zero things to share",
+		"fs_ok": "<h6>share-URL created</h6>\npress <code>Enter/OK</code> to Clipboard\npress <code>ESC/Cancel</code> to Close\n\n",
+
 		"frt_dec": "may fix some cases of broken filenames\">url-decode",
 		"frt_rst": "reset modified filenames back to the original ones\">↺ reset",
 		"frt_abrt": "abort and close this window\">❌ cancel",
@@ -826,6 +831,11 @@ var Ls = {
 		"fd_emore": "velg minst én fil som skal slettes",
 		"fc_emore": "velg minst én fil som skal klippes ut",

+		"fs_sc": "del mappen du er i nå",
+		"fs_ss": "del den valgte filen/mappen",
+		"fs_just1": "velg 1 eller 0 ting å dele",
+		"fs_ok": "<h6>URL opprettet</h6>\ntrykk <code>Enter/OK</code> for å kopiere linken (for CTRL-V)\ntrykk <code>ESC/Avbryt</code> for å bare bekrefte\n\n",
+
 		"frt_dec": "kan korrigere visse ødelagte filnavn\">url-decode",
 		"frt_rst": "nullstiller endringer (tilbake til de originale filnavnene)\">↺ reset",
 		"frt_abrt": "avbryt og lukk dette vinduet\">❌ avbryt",
@@ -1089,6 +1099,7 @@ ebi('widget').innerHTML = (
 	'<div id="wtoggle">' +
 	'<span id="wfs"></span>' +
 	'<span id="wfm"><a' +
+	' href="#" id="fshr" tt="' + L.wt_shr + '">📨<span>share</span></a><a' +
 	' href="#" id="fren" tt="' + L.wt_ren + '">✎<span>name</span></a><a' +
 	' href="#" id="fdel" tt="' + L.wt_del + '">⌫<span>del.</span></a><a' +
 	' href="#" id="fcut" tt="' + L.wt_cut + '">✂<span>cut</span></a><a' +
@@ -2543,6 +2554,7 @@ function mpause(e) {
 			if (!dist || !mp.au)
 				return true;

+			dist *= -1;
 			mp.setvol(mp.vol + dist / 500);
 			vbar.draw();
 			ev(e);
@@ -3690,6 +3702,7 @@ var fileman = (function () {
 		bdel = ebi('fdel'),
 		bcut = ebi('fcut'),
 		bpst = ebi('fpst'),
+		bshr = ebi('fshr'),
 		t_paste,
 		r = {};

@@ -3704,17 +3717,33 @@ var fileman = (function () {
 			r.clip = jread('fman_clip', []).slice(1);

 		var sel = msel.getsel(),
-			nsel = sel.length;
+			nsel = sel.length,
+			enren = nsel,
+			endel = nsel,
+			encut = nsel,
+			enpst = r.clip && r.clip.length,
+			enshr = nsel < 2,
+			hren = !(have_mv && has(perms, 'write') && has(perms, 'move')),
+			hdel = !(have_del && has(perms, 'delete')),
+			hcut = !(have_mv && has(perms, 'move')),
+			hpst = !(have_mv && has(perms, 'write')),
+			hshr = !(have_shr && acct != '*' && (has(perms, 'read') || has(perms, 'write')));

-		clmod(bren, 'en', nsel);
-		clmod(bdel, 'en', nsel);
-		clmod(bcut, 'en', nsel);
-		clmod(bpst, 'en', r.clip && r.clip.length);
+		if (!(enren || endel || encut || enpst))
+			hren = hdel = hcut = hpst = true;
+
+		clmod(bren, 'en', enren);
+		clmod(bdel, 'en', endel);
+		clmod(bcut, 'en', encut);
+		clmod(bpst, 'en', enpst);
+		clmod(bshr, 'en', enshr);
+
+		clmod(bren, 'hide', hren);
+		clmod(bdel, 'hide', hdel);
+		clmod(bcut, 'hide', hcut);
+		clmod(bpst, 'hide', hpst);
+		clmod(bshr, 'hide', hshr);

-		clmod(bren, 'hide', !(have_mv && has(perms, 'write') && has(perms, 'move')));
-		clmod(bdel, 'hide', !(have_del && has(perms, 'delete')));
-		clmod(bcut, 'hide', !(have_mv && has(perms, 'move')));
-		clmod(bpst, 'hide', !(have_mv && has(perms, 'write')));
 		clmod(ebi('wfm'), 'act', QS('#wfm a.en:not(.hide)'));

 		var wfs = ebi('wfs'), h = '';
@@ -3725,6 +3754,7 @@ var fileman = (function () {
 		clmod(wfs, 'act', h);

 		bpst.setAttribute('tt', L.ft_paste.format(r.clip.length));
+		bshr.setAttribute('tt', nsel ? L.fs_ss : L.fs_sc);
 	};

 	r.fsi = function (sel) {
@@ -3762,6 +3792,163 @@ var fileman = (function () {
 		return ret;
 	};

+	r.share = function (e) {
+		ev(e);
+
+		var sel = msel.getsel();
+		if (sel.length > 1)
+			return toast.err(3, L.fs_just1);
+
+		var vp = get_evpath();
+		if (sel.length)
+			vp = sel[0].vp;
+
+		vp = uricom_dec(vp.split('?')[0]);
+
+		var shui = ebi('shui');
+		if (!shui) {
+			shui = mknod('div', 'shui');
+			document.body.appendChild(shui);
+		}
+		shui.style.display = 'block';
+
+		var html = [
+			'<div>',
+			'<table>',
+			'<tr><td colspan="2">',
+			'<button id="sh_abrt">❌ abort</button>',
+			'<button id="sh_rand">🎲 random</button>',
+			'<button id="sh_apply">✅ create share</button>',
+			'</td></tr>',
+			'<tr><td>name</td><td><input type="text" id="sh_k" ' + NOAC + ' tt="name your link" /></td></tr>',
+			'<tr><td>source</td><td><input type="text" id="sh_vp" ' + NOAC + ' readonly tt="the file or folder to share" /></td></tr>',
+			'<tr><td>passwd</td><td><input type="text" id="sh_pw" ' + NOAC + ' tt="optional password" /></td></tr>',
+			'<tr><td>expiry</td><td class="exs">',
+			'<input type="text" id="sh_exm" ' + NOAC + ' /> min / ',
+			'<input type="text" id="sh_exh" ' + NOAC + ' /> hours / ',
+			'<input type="text" id="sh_exd" ' + NOAC + ' /> days',
+			'</td></tr>',
+			'<tr><td>perms</td><td class="sh_axs">',
+		];
+		for (var a = 0; a < perms.length; a++)
+			if (perms[a] != 'admin')
+				html.push('<a href="#" class="tgl btn">' + perms[a] + '</a>');
+
+		html.push('</td></tr></div');
+		shui.innerHTML = html.join('\n');
+
+		var sh_rand = ebi('sh_rand'),
+			sh_abrt = ebi('sh_abrt'),
+			sh_apply = ebi('sh_apply'),
+			exm = ebi('sh_exm'),
+			exh = ebi('sh_exh'),
+			exd = ebi('sh_exd'),
+			sh_k = ebi('sh_k'),
+			sh_vp = ebi('sh_vp');
+			sh_pw = ebi('sh_pw');
+
+		function setexp(a, b) {
+			a = parseFloat(a);
+			if (!isNum(a))
+				return;
+
+			var v = a * b;
+			swrite('fsh_exp', v);
+
+			if (exm.value != v) exm.value = Math.round(v * 10) / 10; v /= 60;
+			if (exh.value != v) exh.value = Math.round(v * 10) / 10; v /= 24;
+			if (exd.value != v) exd.value = Math.round(v * 10) / 10;
+		}
+		function setdef() {
+			setexp(icfg_get('fsh_exp', 60 * 24), 1);
+		}
+		setdef();
+
+		exm.oninput = function () { setexp(this.value, 1); };
+		exh.oninput = function () { setexp(this.value, 60); };
+		exd.oninput = function () { setexp(this.value, 60 * 24); };
+		exm.onfocus = exh.onfocus = exd.onfocus = function () {
+			this.value = '';
+		};
+		exm.onblur = exh.onblur = exd.onblur = setdef;
+
+		exm.onkeydown = exh.onkeydown = exd.onkeydown =
+		sh_k.onkeydown = sh_pw.onkeydown = function (e) {
+			var kc = (e.code || e.key) + '';
+			if (kc.endsWith('Enter'))
+				sh_apply.click();
+		};
+
+		sh_abrt.onclick = function () {
+			shui.parentNode.removeChild(shui);
+		};
+		sh_rand.onclick = function () {
+			var v = randstr(12).replace(/l/g, 'n');
+			if (sel.length && !noq_href(ebi(sel[0].id)).endsWith('/'))
+				v += '.' + vp.split('.').pop();
+			sh_k.value = v;
+		};
+		tt.att(shui);
+
+		var pbtns = QSA('#shui .sh_axs a');
+		for (var a = 0; a < pbtns.length; a++)
+			pbtns[a].onclick = shspf;
+
+		function shspf() {
+			clmod(this, 'on', 't');
+		}
+		clmod(pbtns[0], 'on', 1);
+
+		sh_vp.value = vp;
+
+		sh_k.oninput = function (e) {
+			var v = this.value,
+				v2 = v.replace(/[^0-9a-zA-Z\.-]/g, '_');
+
+			if (v != v2)
+				this.value = v2;
+		};
+
+		function shr_cb() {
+			if (this.status !== 201) {
+				shui.style.display = 'block';
+				var msg = unpre(this.responseText);
+				toast.err(9, msg);
+				return;
+			}
+			var surl = this.responseText;
+			modal.confirm(L.fs_ok + esc(surl), function() {
+				cliptxt(surl, function () {
+					toast.ok(1, 'copied to clipboard');
+				});
+			});
+		}
+
+		sh_apply.onclick = function () {
+			if (!sh_k.value)
+				sh_rand.click();
+
+			var plist = [];
+			for (var a = 0; a < pbtns.length; a++)
+				if (clgot(pbtns[a], 'on'))
+					plist.push(pbtns[a].textContent);
+
+			shui.style.display = 'none';
+			var body = {
+				"k": sh_k.value,
+				"vp": sh_vp.value,
+				"pw": sh_pw.value,
+				"exp": exm.value,
+				"perms": plist,
+			};
+			var xhr = new XHR();
+			xhr.open('POST', SR + '/?share', true);
+			xhr.setRequestHeader('Content-Type', 'text/plain');
+			xhr.onload = xhr.onerror = shr_cb;
+			xhr.send(JSON.stringify(body));
+		};
+	};
+
 	r.rename = function (e) {
 		ev(e);
 		if (clgot(bren, 'hide'))
@@ -4338,6 +4525,7 @@ var fileman = (function () {
 	bdel.onclick = r.delete;
 	bcut.onclick = r.cut;
 	bpst.onclick = r.paste;
+	bshr.onclick = r.share;

 	return r;
 })();
@@ -5348,6 +5536,9 @@ var ahotkeys = function (e) {
 		if (ebi('rn_cancel'))
 			return ebi('rn_cancel').click();

+		if (ebi('sh_abrt'))
+			return ebi('sh_abrt').click();
+
 		if (QS('.opview.act'))
 			return QS('#ops>a').click();

@@ -8030,7 +8221,7 @@ function sandbox(tgt, rules, cls, html) {
 	}

 	html = '<html class="iframe ' + document.documentElement.className +
-		'"><head><style>html{background:#eee;color:#000}\n' + globalcss() +
+		'"><head><style>html{background:#eee;color:#000}</style><style>' + globalcss() +
 		'</style><base target="_parent"></head><body id="b" class="logue ' + cls + '">' + html +
 		'<script>' + env + '</script>' + sandboxjs() +
 		'<script>var d=document.documentElement,TS="' + TS + '",' +
--- a/copyparty/web/browser2.html
+++ b/copyparty/web/browser2.html
@@ -51,11 +51,11 @@

 		</tbody>
 	</table>
-	
+
 	{%- if logues[1] %}
 	<div>{{ logues[1] }}</div><br />
 	{%- endif %}
-	
+
 	<h2><a href="{{ r }}/{{ url_suf }}{{ url_suf and '&amp;' or '?' }}h">control-panel</a></h2>

 </body>
--- a/copyparty/web/md.html
+++ b/copyparty/web/md.html
@@ -49,7 +49,7 @@
 		<div id="mp" class="mdo"></div>
 	</div>
 	<a href="#" id="repl">π</a>
-	
+
 	{%- if edit %}
 	<div id="helpbox">
 		<textarea autocomplete="off">
@@ -125,7 +125,7 @@ write markdown (most html is 🙆 too)
 		</textarea>
 	</div>
 	{%- endif %}
-	
+
 	<script>

 var SR = {{ r|tojson }},
--- a/copyparty/web/shares.css
+++ b/copyparty/web/shares.css
@@ -0,0 +1,79 @@
+html {
+	color: #333;
+	background: #f7f7f7;
+	font-family: sans-serif;
+	font-family: var(--font-main), sans-serif;
+	touch-action: manipulation;
+}
+#wrap {
+	margin: 2em auto;
+	padding: 0 1em 3em 1em;
+	line-height: 2.3em;
+}
+#wrap>span {
+    margin: 0 0 0 1em;
+    border-bottom: 1px solid #999;
+}
+li {
+	margin: 1em 0;
+}
+a {
+	color: #047;
+	background: #fff;
+	text-decoration: none;
+	white-space: nowrap;
+	border-bottom: 1px solid #8ab;
+	border-radius: .2em;
+	padding: .2em .6em;
+	margin: 0 .3em;
+}
+td a {
+	margin: 0;
+}
+#w {
+	color: #fff;
+	background: #940;
+	border-color: #b70;
+}
+#repl {
+	border: none;
+	background: none;
+	color: inherit;
+	padding: 0;
+	position: fixed;
+	bottom: .25em;
+	left: .2em;
+}
+table {
+	border-collapse: collapse;
+    position: relative;
+}
+th {
+	top: -1px;
+	position: sticky;
+    background: #f7f7f7;
+}
+td, th {
+	padding: .3em .6em;
+	text-align: left;
+	white-space: nowrap;
+}
+
+
+
+html.z {
+	background: #222;
+	color: #ccc;
+}
+html.z a {
+	color: #fff;
+	background: #057;
+	border-color: #37a;
+}
+html.z th {
+    background: #222;
+}
+html.bz {
+	color: #bbd;
+	background: #11121d;
+}
--- a/copyparty/web/shares.html
+++ b/copyparty/web/shares.html
@@ -0,0 +1,74 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+	<meta charset="utf-8">
+	<title>{{ s_doctitle }}</title>
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+	<meta name="viewport" content="width=device-width, initial-scale=0.8">
+	<meta name="theme-color" content="#{{ tcolor }}">
+	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/shares.css?_={{ ts }}">
+	<link rel="stylesheet" media="screen" href="{{ r }}/.cpr/ui.css?_={{ ts }}">
+{{ html_head }}
+</head>
+
+<body>
+	<div id="wrap">
+		<a id="a" href="{{ r }}/?shares" class="af">refresh</a>
+		<a id="a" href="{{ r }}/?h" class="af">controlpanel</a>
+
+        <span>axs = perms (read,write,move,delet)</span>
+        <span>st 1=file 2=dir</span>
+        <span>min/hrs = time left</span>
+
+        <table><tr>
+            <th>delete</th>
+            <th>sharekey</th>
+            <th>pw</th>
+            <th>source</th>
+            <th>axs</th>
+            <th>st</th>
+            <th>user</th>
+            <th>created</th>
+            <th>expires</th>
+            <th>min</th>
+            <th>hrs</th>
+        </tr>
+        {% for k, pw, vp, pr, st, un, t0, t1 in rows %}
+        <tr>
+            <td><a href="#" k="{{ k }}">delete</a></td>
+            <td><a href="{{ r }}{{ shr }}{{ k }}">{{ k }}</a></td>
+            <td>{{ pw }}</td>
+            <td><a href="{{ r }}/{{ vp|e }}">{{ vp|e }}</a></td>
+            <td>{{ pr }}</td>
+            <td>{{ st }}</td>
+            <td>{{ un|e }}</td>
+            <td>{{ t0 }}</td>
+            <td>{{ t1 }}</td>
+            <td>{{ (t1 - now) // 60 if t1 else "never" }}</td>
+            <td>{{ (t1 - now) // 3600 if t1 else "never" }}</td>
+        </tr>
+        {% endfor %}
+        </table>
+        {% if not rows %}
+        (you don't have any active shares btw)
+        {% endif %}
+	<script>
+
+var SR = {{ r|tojson }},
+    shr="{{ shr }}",
+	lang="{{ lang }}",
+	dfavico="{{ favico }}";
+
+var STG = window.localStorage;
+document.documentElement.className = (STG && STG.cpp_thm) || "{{ this.args.theme }}";
+
+</script>
+<script src="{{ r }}/.cpr/util.js?_={{ ts }}"></script>
+<script src="{{ r }}/.cpr/shares.js?_={{ ts }}"></script>
+{%- if js %}
+<script src="{{ js }}_={{ ts }}"></script>
+{%- endif %}
+</body>
+</html>
+
--- a/copyparty/web/shares.js
+++ b/copyparty/web/shares.js
@@ -0,0 +1,19 @@
+var t = QSA('a[k]');
+for (var a = 0; a < t.length; a++)
+    t[a].onclick = rm;
+
+function rm() {
+    var u = SR + shr + uricom_enc(this.getAttribute('k')) + '?unshare',
+        xhr = new XHR();
+    
+    xhr.open('POST', u, true);
+    xhr.onload = xhr.onerror = cb;
+    xhr.send();
+}
+
+function cb() {
+    if (this.status !== 200)
+        return modal.alert('<h6>server error</h6>' + esc(unpre(this.responseText)));
+    
+    document.location = '?shares';
+}
--- a/copyparty/web/splash.css
+++ b/copyparty/web/splash.css
@@ -182,13 +182,18 @@ html.z a.g {
 	border-color: #af4;
 	box-shadow: 0 .3em 1em #7d0;
 }
+form {
+	line-height: 2.5em;
+}
+#x,
 input {
 	color: #a50;
 	background: #fff;
 	border: 1px solid #a50;
-	border-radius: .5em;
-	padding: .5em .7em;
-	margin: 0 .5em 0 0;
+	border-radius: .3em;
+	padding: .25em .6em;
+	margin: 0 .3em 0 0;
+	font-size: 1em;
 }
 input::placeholder {
 	font-size: 1.2em;
@@ -197,6 +202,7 @@ input::placeholder {
 	opacity: 0.64;
 	color: #930;
 }
+#x,
 html.z input {
 	color: #fff;
 	background: #626;
--- a/copyparty/web/splash.html
+++ b/copyparty/web/splash.html
@@ -21,7 +21,7 @@
 			<p id="b">howdy stranger &nbsp; <small>(you're not logged in)</small></p>
 		{%- else %}
 			<a id="c" href="{{ r }}/?pw=x" class="logout">logout</a>
-			<p><span id="m">welcome back,</span> <strong>{{ this.uname }}</strong></p>
+			<p><span id="m">welcome back,</span> <strong>{{ this.uname|e }}</strong></p>
 		{%- endif %}

 		{%- if msg %}
@@ -76,8 +76,12 @@
 		</ul>
 		{%- endif %}

-		<h1 id="cc">client config:</h1>
+		<h1 id="cc">other stuff:</h1>
 		<ul>
+			{%- if this.uname != '*' and this.args.shr %}
+			<li><a id="y" href="{{ r }}/?shares">edit shares</a></li>
+			{% endif %}
+
 			{% if k304 or k304vis %}
 			{% if k304 %}
 			<li><a id="h" href="{{ r }}/?k304=n">disable k304</a> (currently enabled)
@@ -92,11 +96,14 @@

 		<h1 id="l">login for more:</h1>
 		<div>
-			<form method="post" enctype="multipart/form-data" action="{{ r }}/{{ qvpath }}">
-				<input type="hidden" name="act" value="login" />
-				<input type="password" name="cppwd" placeholder=" password" />
+			<form id="lf" method="post" enctype="multipart/form-data" action="{{ r }}/{{ qvpath }}">
+				<input type="hidden" id="la" name="act" value="login" />
+				<input type="password" id="lp" name="cppwd" placeholder=" password" />
 				<input type="hidden" name="uhash" id="uhash" value="x" />
-				<input type="submit" value="Login" />
+				<input type="submit" id="ls" value="Login" />
+				{% if chpw %}
+				<a id="x" href="#">change password</a>
+				{% endif %}
 				{% if ahttps %}
 				<a id="w" href="{{ ahttps }}">switch to https</a>
 				{% endif %}
--- a/copyparty/web/splash.js
+++ b/copyparty/web/splash.js
@@ -9,7 +9,7 @@ var Ls = {
 		"e2": "leser inn konfigurasjonsfiler på nytt$N(kontoer, volumer, volumbrytere)$Nog kartlegger alle e2ds-volumer$N$Nmerk: endringer i globale parametere$Nkrever en full restart for å ta gjenge",
 		"f1": "du kan betrakte:",
 		"g1": "du kan laste opp til:",
-		"cc1": "klient-konfigurasjon",
+		"cc1": "brytere og sånt",
 		"h1": "skru av k304",
 		"i1": "skru på k304",
 		"j1": "k304 bryter tilkoplingen for hver HTTP 304. Dette hjelper mot visse mellomtjenere som kan sette seg fast / plutselig slutter å laste sider, men det reduserer også ytelsen betydelig",
@@ -27,12 +27,20 @@ var Ls = {
 		"v1": "koble til",
 		"v2": "bruk denne serveren som en lokal harddisk$N$NADVARSEL: kommer til å vise passordet ditt!",
 		"w1": "bytt til https",
+		"x1": "bytt passord",
+		"y1": "dine delinger",
+		"ta1": "du må skrive et nytt passord først",
+		"ta2": "gjenta for å bekrefte nytt passord:",
+		"ta3": "fant en skrivefeil; vennligst prøv igjen",
 	},
 	"eng": {
 		"d2": "shows the state of all active threads",
 		"e2": "reload config files (accounts/volumes/volflags),$Nand rescan all e2ds volumes$N$Nnote: any changes to global settings$Nrequire a full restart to take effect",
 		"u2": "time since the last server write$N( upload / rename / ... )$N$N17d = 17 days$N1h23 = 1 hour 23 minutes$N4m56 = 4 minutes 56 seconds",
 		"v2": "use this server as a local HDD$N$NWARNING: this will show your password!",
+		"ta1": "fill in your new password first",
+		"ta2": "repeat to confirm new password:",
+		"ta3": "found a typo; please try again",
 	}
 };

@@ -74,3 +82,42 @@ if (o && /[0-9]+$/.exec(o.innerHTML))
 	o.innerHTML = shumantime(o.innerHTML);

 ebi('uhash').value = '' + location.hash;
+
+(function() {
+	if (!ebi('x'))
+		return;
+
+	var pwi = ebi('lp');
+
+	function redo(msg) {
+		modal.alert(msg, function() {
+			pwi.value = '';
+			pwi.focus();
+		});
+	}
+	function mok(v) {
+		if (v !== pwi.value)
+			return redo(d.ta3);
+
+		pwi.setAttribute('name', 'pw');
+		ebi('la').value = 'chpw';
+		ebi('lf').submit();
+	}
+	function stars() {
+		var m = ebi('modali');
+		function enstars(n) {
+			setTimeout(function() { m.value = ''; }, n);
+		}
+		m.setAttribute('type', 'password');
+		enstars(17);
+		enstars(32);
+		enstars(69);
+	}
+	ebi('x').onclick = function (e) {
+		ev(e);
+		if (!pwi.value)
+			return redo(d.ta1);
+
+		modal.prompt(d.ta2, "y", mok, null, stars);
+	};
+})();
--- a/copyparty/web/util.js
+++ b/copyparty/web/util.js
@@ -473,6 +473,24 @@ function crc32(str) {
 }


+function randstr(len) {
+    var ret = '';
+    try {
+        var ar = new Uint32Array(Math.floor((len + 3) / 4));
+        crypto.getRandomValues(ar);
+        for (var a = 0; a < ar.length; a++)
+            ret += ('000' + ar[a].toString(36)).slice(-4);
+        return ret.slice(0, len);
+    }
+    catch (ex) {
+        console.log('using unsafe randstr because ' + ex);
+        while (ret.length < len)
+            ret += ('000' + Math.floor(Math.random() * 1679616).toString(36)).slice(-4);
+        return ret.slice(0, len);
+    }
+}
+
+
 function clmod(el, cls, add) {
    if (!el)
        return false;
--- a/docs/changelog.md
+++ b/docs/changelog.md
@@ -1,3 +1,47 @@
+▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  
+# 2024-0813-0008  `v1.13.8`  hook into place
+
+## new features
+
+* #86 intentional side-effects from hooks 6c94a63f
+  * use hooks (plugins) to conditionally move uploads into another folder depending on filename, extension, uploader ip/name, file contents, ...
+  * hooks can create additional files and tell copyparty to index them immediately, or delete an existing file based on some condition
+  * only one example so far though, [reloc-by-ext](https://github.com/9001/copyparty/tree/hovudstraum/bin/hooks#before-upload) which was a feature-request to dodge [sharex#3992](https://github.com/ShareX/ShareX/issues/3992)
+* listen on unix-sockets ee9aad82
+  * `-i unix:/tmp/party.sock` stops listening on TCP ports entirely, and only listens on that unix-socket
+  * can be combined with regular sockets, `-i 127.0.0.1,unix:/tmp/a.sock`
+  * kinda buggy for now (need to `--xff-src=any` and doesn't let you set socket-perms yet), will be fixed in next ver
+  * makes it 10% faster, but more importantly offers tighter access control behind reverse-proxies
+    * inspired by https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser
+* up2k stitching:
+  * more optimal stitch sizes for max throughput across connections c862ec1b
+  * improve fat32 compatibility 373194c3
+* new option `--js-other` to load custom javascript dbd42bc6
+  * `--js-browser` affects the filebrowser page, `--js-other` does all the others
+  * endless possibilities, such as [adding a login-banner](https://github.com/9001/copyparty/blob/hovudstraum/contrib/plugins/banner.js) which [looks like this](https://github.com/user-attachments/assets/8ae8e087-b209-449c-b08d-74e040f0284b)
+* list detected optional dependencies on startup 3db117d8
+  * hopefully reduces the guesswork / jank factor by a tiny bit
+
+## bugfixes
+
+* up2k stitching:
+  * put the request headers on a diet so they fit through more reverse-proxies 0da719f4
+* fix deadlock on s390x (IBM mainframes) 250c8c56
+
+## other changes
+
+* add flags to disengage [features](https://github.com/9001/copyparty/tree/hovudstraum#feature-chickenbits) and [dependencies](https://github.com/9001/copyparty/tree/hovudstraum#dependency-chickenbits) in case they cause trouble 72361c99
+* optimizations
+  * 6% faster on average d5c9c8eb
+  * docker: reduce ram usage 98ffaadf
+  * python2: reduce ram usage ebb19818
+* docker: add [portainer howto](https://github.com/9001/copyparty/blob/hovudstraum/docs/examples/docker/portainer.md) e136231c
+* update deps ca001c85
+  * pyftpdlib 1.5.10
+  * copyparty.exe: python 3.12.5
+
+
+
 ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀  
 # 2024-0729-2028  `v1.13.6`  not that big

--- a/docs/devnotes.md
+++ b/docs/devnotes.md
@@ -1,7 +1,7 @@
 ## devnotes toc

 * top
-* [future plans](#future-plans) - some improvement ideas
+* [future ideas](#future-ideas) - list of dreams which will probably never happen
 * [design](#design)
    * [up2k](#up2k) - quick outline of the up2k protocol
        * [why not tus](#why-not-tus) - I didn't know about [tus](https://tus.io/)
@@ -27,9 +27,9 @@
    * [discarded ideas](#discarded-ideas)


-# future plans
+# future ideas

-some improvement ideas
+list of dreams which will probably never happen

 * the JS is a mess -- a ~~preact~~ rewrite would be nice
  * preferably without build dependencies like webpack/babel/node.js, maybe a python thing to assemble js files into main.js
@@ -139,6 +139,7 @@ authenticate using header `Cookie: cppwd=foo` or url param `&pw=foo`
 | GET | `?tar&w` | pregenerate webp thumbnails |
 | GET | `?tar&j` | pregenerate jpg thumbnails |
 | GET | `?tar&p` | pregenerate audio waveforms |
+| GET | `?shares` | list your shared files/folders |
 | GET | `?ups` | show recent uploads from your IP |
 | GET | `?ups&filter=f` | ...where URL contains `f` |
 | GET | `?mime=foo` | specify return mimetype `foo` |
@@ -175,6 +176,8 @@ authenticate using header `Cookie: cppwd=foo` or url param `&pw=foo`
 | mPOST | `?media` | `f=FILE` | ...and return medialink (not hotlink) |
 | mPOST | | `act=mkdir`, `name=foo` | create directory `foo` at URL |
 | POST | `?delete` | | delete URL recursively |
+| POST | `?unshare` | | stop sharing a file/folder |
+| jPOST | `?share` | (complicated) | create temp URL for file/folder |
 | jPOST | `?delete` | `["/foo","/bar"]` | delete `/foo` and `/bar` recursively |
 | uPOST | | `msg=foo` | send message `foo` into server log |
 | mPOST | | `act=tput`, `body=TEXT` | overwrite markdown document at URL |
--- a/docs/notes.sh
+++ b/docs/notes.sh
@@ -141,6 +141,9 @@ find -maxdepth 1 -printf '%s %p\n' | sort -n | awk '!/-([0-9a-zA-Z_-]{11})\.(mkv
 # unique stacks in a stackdump
 f=a; rm -rf stacks; mkdir stacks; grep -E '^#' $f | while IFS= read -r n; do awk -v n="$n" '!$0{o=0} o; $0==n{o=1}' <$f >stacks/f; h=$(sha1sum <stacks/f | cut -c-16); mv stacks/f stacks/$h-"$n"; done ; find stacks/ | sort | uniq -cw24

+# find unused css variables
+cat browser.css | sed -r 's/(var\()/\n\1/g' | awk '{sub(/:/," ")} $1~/^--/{d[$1]=1} /var\(/{sub(/.*var\(/,"");sub(/\).*/,"");u[$1]=1} END{for (x in u) delete d[x]; for (x in d) print x}' | tr '\n' '|'
+

 ##
 ## sqlite3 stuff
--- a/scripts/sfx.ls
+++ b/scripts/sfx.ls
@@ -103,6 +103,9 @@ copyparty/web/mde.html,
 copyparty/web/mde.js,
 copyparty/web/msg.css,
 copyparty/web/msg.html,
+copyparty/web/shares.css,
+copyparty/web/shares.html,
+copyparty/web/shares.js,
 copyparty/web/splash.css,
 copyparty/web/splash.html,
 copyparty/web/splash.js,
--- a/tests/util.py
+++ b/tests/util.py
@@ -119,7 +119,7 @@ class Cfg(Namespace):
    def __init__(self, a=None, v=None, c=None, **ka0):
        ka = {}

-        ex = "daw dav_auth dav_inf dav_mac dav_rt e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp early_ban ed emp exp force_js getmod grid gsel hardlink ih ihead magic never_symlink nid nih no_acode no_athumb no_dav no_dedup no_del no_dupe no_lifetime no_logues no_mv no_pipe no_poll no_readme no_robots no_sb_md no_sb_lg no_scandir no_tarcmp no_thumb no_vthumb no_zip nrand nw og og_no_head og_s_title q rand smb srch_dbg stats uqe vague_403 vc ver write_uplog xdev xlink xvol"
+        ex = "chpw daw dav_auth dav_inf dav_mac dav_rt e2d e2ds e2dsa e2t e2ts e2tsr e2v e2vu e2vp early_ban ed emp exp force_js getmod grid gsel hardlink ih ihead magic never_symlink nid nih no_acode no_athumb no_dav no_dedup no_del no_dupe no_lifetime no_logues no_mv no_pipe no_poll no_readme no_robots no_sb_md no_sb_lg no_scandir no_tarcmp no_thumb no_vthumb no_zip nrand nw og og_no_head og_s_title q rand smb srch_dbg stats uqe vague_403 vc ver write_uplog xdev xlink xvol"
        ka.update(**{k: False for k in ex.split()})

        ex = "dotpart dotsrch hook_v no_dhash no_fastboot no_rescan no_sendfile no_snap no_voldump re_dhash plain_ip"
@@ -137,7 +137,7 @@ class Cfg(Namespace):
        ex = "db_act k304 loris re_maxage rproxy rsp_jtr rsp_slp s_wr_slp snap_wri theme themes turbo"
        ka.update(**{k: 0 for k in ex.split()})

-        ex = "ah_alg bname doctitle df exit favico idp_h_usr html_head lg_sbf log_fk md_sbf name og_desc og_site og_th og_title og_title_a og_title_v og_title_i tcolor textfiles unlist vname R RS SR"
+        ex = "ah_alg bname chpw_db doctitle df exit favico idp_h_usr html_head lg_sbf log_fk md_sbf name og_desc og_site og_th og_title og_title_a og_title_v og_title_i shr tcolor textfiles unlist vname R RS SR"
        ka.update(**{k: "" for k in ex.split()})

        ex = "grp on403 on404 xad xar xau xban xbd xbr xbu xiu xm"
@@ -170,6 +170,7 @@ class Cfg(Namespace):
            s_wr_sz=256 * 1024,
            sort="href",
            srch_hits=99999,
+            SRS="/",
            th_covers=["folder.png"],
            th_coversd=["folder.png"],
            th_covers_set=set(["folder.png"]),
@@ -232,7 +233,7 @@ class VHttpSrv(object):
        self.nreq = 0
        self.nsus = 0

-        aliases = ["splash", "browser", "browser2", "msg", "md", "mde"]
+        aliases = ["splash", "shares", "browser", "browser2", "msg", "md", "mde"]
        self.j2 = {x: J2_FILES for x in aliases}

        self.gpwd = Garda("")
Author	SHA1	Message	Date
ed	c4b0cccefd	v1.14.0	2024-08-18 23:11:36 +00:00
ed	7c2beba555	add file/folder sharing; closes #84	2024-08-18 22:49:13 +00:00
ed	7d8d94388b	invert volume scrollwheel <daniiooo> also iirc some time ago we were talking about the scroll for volume ed <daniiooo> and how its reversed <ed> is it reversed though? most people said it worked the way they expected <daniiooo> fuck maybe i agreed back then too <daniiooo> its the opposite in both aimp and mpv though <ed> is it w <tatsu> its a feature <Devices> it's to keep you on your toes <Devices> consciously use copyparty <ed> i can invert it no problem <ed> would be a nice surprise for anyone who's used it <Flaminator> Scroll down turns the audio down right? <daniiooo> ye it makes it louder in cpp <Devices> why would scrolling down make something louder <Vin> yeah that's odd <Vin> scrolling up should make it louder <Flaminator> It's what it does for me in winamp, mpc-hc and foobar2000. <daniiooo> so now the question is who itc agreed to whats currently in cpp <daniiooo> haha <ed> idk but i'm inverting it <ed> let's invert it every 6 months	2024-08-17 20:36:59 +00:00
ed	0b46b1a614	fix some vproxy issues (#93 ): * navpane would always feed the vproxy paths into the tree instead of only when necessary (the initial load) * mkdir would return `X-New-Dir` without the `rp-loc` prefix * chpw and some other redirects also sent raw vpaths Reported-by: @iridial	2024-08-17 18:17:40 +00:00
ed	5153db6bff	ux: login margin; theme2: yellow buttons the red buttons from protonmail's monokai theme look better, but they're confusing because intuitively red means off	2024-08-17 15:55:55 +00:00
ed	b0af4b3712	hook/reloc: dupe in one vol doesn't mean dupe in another	2024-08-16 21:08:22 +00:00
ed	c8f4aeaefa	hook/reloc: fix up2k jank * wark landed in the wrong registry when moved to another volume (harmless; upload would succeed on the next handshake) * dedup did not apply correctly when moved into another volume, since all the checks were done based on the previous vol; fix this by recursing the whole thing also update the reloc example after some real-world experience Reported-by: @daniiooo	2024-08-15 19:26:06 +00:00
ed	00da74400c	password-changer fixes: * fix `--chpw-no` which did nothing * print list of users with unchanged passwords by default * more granular verbosity levels	2024-08-15 17:30:01 +00:00
ed	83fb569d61	make passwords user-changeable; closes #92	2024-08-14 20:09:57 +00:00
ed	5a62cb4869	fix custom fonts in sandboxed docs; `@import` must be at the very start of a `<style>` tag Reported-by: @thaddeuskkr (thx!)	2024-08-14 15:30:04 +00:00
ed	687df2fabd	unix-socket fixes: * support x-forwarded-for * option to specify socket permissions and group * in containers, avoid collision during restart * add --help-bind with examples	2024-08-14 04:47:10 +00:00
ed	cdd0794d6e	update pkgs to 1.13.8	2024-08-13 00:20:04 +00:00