v1.1.12

fix PUT response in write-only folders
clarify what the app does
2025-11-02 04:53:15 +00:00 · 2022-01-18 22:28:33 +01:00 · 2022-01-18 21:37:11 +01:00 · 2022-01-17 00:31:23 +00:00 · 2022-01-17 00:27:23 +00:00 · 2022-01-17 00:24:40 +00:00
29 changed files with 1377 additions and 157 deletions
--- a/README.md
+++ b/README.md
@@ -16,6 +16,13 @@ turn your phone or raspi into a portable file server with resumable uploads/down
 📷 **screenshots:** [browser](#the-browser) // [upload](#uploading) // [unpost](#unpost) // [thumbnails](#thumbnails) // [search](#searching) // [fsearch](#file-search) // [zip-DL](#zip-downloads) // [md-viewer](#markdown-viewer) // [ie4](#browser-support)


+## get the app
+
+<a href="https://f-droid.org/packages/me.ocv.partyup/"><img src="https://ocv.me/fdroid.png" alt="Get it on F-Droid" height="50" /> '' <img src="https://img.shields.io/f-droid/v/me.ocv.partyup.svg" alt="f-droid version info" /></a> '' <a href="https://github.com/9001/party-up"><img src="https://img.shields.io/github/release/9001/party-up.svg?logo=github" alt="github version info" /></a>
+
+(the app is **NOT** the full copyparty server! just a basic upload client, nothing fancy yet)
+
+
 ## readme toc

 * top
@@ -449,7 +456,7 @@ see [up2k](#up2k) for details on how it works

 ![copyparty-upload-fs8](https://user-images.githubusercontent.com/241032/129635371-48fc54ca-fa91-48e3-9b1d-ba413e4b68cb.png)

-**protip:** you can avoid scaring away users with [docs/minimal-up2k.html](docs/minimal-up2k.html) which makes it look [much simpler](https://user-images.githubusercontent.com/241032/118311195-dd6ca380-b4ef-11eb-86f3-75a3ff2e1332.png)
+**protip:** you can avoid scaring away users with [contrib/plugins/minimal-up2k.html](contrib/plugins/minimal-up2k.html) which makes it look [much simpler](https://user-images.githubusercontent.com/241032/118311195-dd6ca380-b4ef-11eb-86f3-75a3ff2e1332.png)

 **protip:** if you enable `favicon` in the `[⚙️] settings` tab (by typing something into the textbox), the icon in the browser tab will indicate upload progress

--- a/bin/README.md
+++ b/bin/README.md
@@ -5,6 +5,11 @@
 * if something breaks just restart it


+# [`partyjournal.py`](partyjournal.py)
+produces a chronological list of all uploads by collecting info from up2k databases and the filesystem
+* outputs a standalone html file
+* optional mapping from IP-addresses to nicknames
+

 # [`copyparty-fuse.py`](copyparty-fuse.py)
 * mount a copyparty server as a local filesystem (read-only)
--- a/bin/copyparty-fuseb.py
+++ b/bin/copyparty-fuseb.py
@@ -11,14 +11,18 @@ import re
 import os
 import sys
 import time
+import json
 import stat
 import errno
 import struct
+import codecs
+import platform
 import threading
 import http.client  # py2: httplib
 import urllib.parse
 from datetime import datetime
 from urllib.parse import quote_from_bytes as quote
+from urllib.parse import unquote_to_bytes as unquote

 try:
    import fuse
@@ -38,7 +42,7 @@ except:
 mount a copyparty server (local or remote) as a filesystem

 usage:
-  python ./copyparty-fuseb.py -f -o allow_other,auto_unmount,nonempty,url=http://192.168.1.69:3923 /mnt/nas
+  python ./copyparty-fuseb.py -f -o allow_other,auto_unmount,nonempty,pw=wark,url=http://192.168.1.69:3923 /mnt/nas

 dependencies:
  sudo apk add fuse-dev python3-dev
@@ -50,6 +54,10 @@ fork of copyparty-fuse.py based on fuse-python which
 """


+WINDOWS = sys.platform == "win32"
+MACOS = platform.system() == "Darwin"
+
+
 def threadless_log(msg):
    print(msg + "\n", end="")

@@ -93,6 +101,41 @@ def html_dec(txt):
    )


+def register_wtf8():
+    def wtf8_enc(text):
+        return str(text).encode("utf-8", "surrogateescape"), len(text)
+
+    def wtf8_dec(binary):
+        return bytes(binary).decode("utf-8", "surrogateescape"), len(binary)
+
+    def wtf8_search(encoding_name):
+        return codecs.CodecInfo(wtf8_enc, wtf8_dec, name="wtf-8")
+
+    codecs.register(wtf8_search)
+
+
+bad_good = {}
+good_bad = {}
+
+
+def enwin(txt):
+    return "".join([bad_good.get(x, x) for x in txt])
+
+    for bad, good in bad_good.items():
+        txt = txt.replace(bad, good)
+
+    return txt
+
+
+def dewin(txt):
+    return "".join([good_bad.get(x, x) for x in txt])
+
+    for bad, good in bad_good.items():
+        txt = txt.replace(good, bad)
+
+    return txt
+
+
 class CacheNode(object):
    def __init__(self, tag, data):
        self.tag = tag
@@ -115,8 +158,9 @@ class Stat(fuse.Stat):


 class Gateway(object):
-    def __init__(self, base_url):
+    def __init__(self, base_url, pw):
        self.base_url = base_url
+        self.pw = pw

        ui = urllib.parse.urlparse(base_url)
        self.web_root = ui.path.strip("/")
@@ -135,8 +179,7 @@ class Gateway(object):
        self.conns = {}

    def quotep(self, path):
-        # TODO: mojibake support
-        path = path.encode("utf-8", "ignore")
+        path = path.encode("wtf-8")
        return quote(path, safe="/")

    def getconn(self, tid=None):
@@ -159,20 +202,29 @@ class Gateway(object):
        except:
            pass

-    def sendreq(self, *args, **kwargs):
+    def sendreq(self, *args, **ka):
        tid = get_tid()
+        if self.pw:
+            ck = "cppwd=" + self.pw
+            try:
+                ka["headers"]["Cookie"] = ck
+            except:
+                ka["headers"] = {"Cookie": ck}
        try:
            c = self.getconn(tid)
-            c.request(*list(args), **kwargs)
+            c.request(*list(args), **ka)
            return c.getresponse()
        except:
            self.closeconn(tid)
            c = self.getconn(tid)
-            c.request(*list(args), **kwargs)
+            c.request(*list(args), **ka)
            return c.getresponse()

    def listdir(self, path):
-        web_path = self.quotep("/" + "/".join([self.web_root, path])) + "?dots"
+        if bad_good:
+            path = dewin(path)
+
+        web_path = self.quotep("/" + "/".join([self.web_root, path])) + "?dots&ls"
        r = self.sendreq("GET", web_path)
        if r.status != 200:
            self.closeconn()
@@ -182,9 +234,12 @@ class Gateway(object):
                )
            )

-        return self.parse_html(r)
+        return self.parse_jls(r)

    def download_file_range(self, path, ofs1, ofs2):
+        if bad_good:
+            path = dewin(path)
+
        web_path = self.quotep("/" + "/".join([self.web_root, path])) + "?raw"
        hdr_range = "bytes={}-{}".format(ofs1, ofs2 - 1)
        log("downloading {}".format(hdr_range))
@@ -200,40 +255,27 @@ class Gateway(object):

        return r.read()

-    def parse_html(self, datasrc):
-        ret = []
-        remainder = b""
-        ptn = re.compile(
-            r"^<tr><td>(-|DIR)</td><td><a [^>]+>([^<]+)</a></td><td>([^<]+)</td><td>([^<]+)</td></tr>$"
-        )
-
+    def parse_jls(self, datasrc):
+        rsp = b""
        while True:
-            buf = remainder + datasrc.read(4096)
-            # print('[{}]'.format(buf.decode('utf-8')))
+            buf = datasrc.read(1024 * 32)
            if not buf:
                break

-            remainder = b""
-            endpos = buf.rfind(b"\n")
-            if endpos >= 0:
-                remainder = buf[endpos + 1 :]
-                buf = buf[:endpos]
+            rsp += buf

-            lines = buf.decode("utf-8").split("\n")
-            for line in lines:
-                m = ptn.match(line)
-                if not m:
-                    # print(line)
-                    continue
+        rsp = json.loads(rsp.decode("utf-8"))
+        ret = []
+        for statfun, nodes in [
+            [self.stat_dir, rsp["dirs"]],
+            [self.stat_file, rsp["files"]],
+        ]:
+            for n in nodes:
+                fname = unquote(n["href"].split("?")[0]).rstrip(b"/").decode("wtf-8")
+                if bad_good:
+                    fname = enwin(fname)

-                ftype, fname, fsize, fdate = m.groups()
-                fname = html_dec(fname)
-                ts = datetime.strptime(fdate, "%Y-%m-%d %H:%M:%S").timestamp()
-                sz = int(fsize)
-                if ftype == "-":
-                    ret.append([fname, self.stat_file(ts, sz), 0])
-                else:
-                    ret.append([fname, self.stat_dir(ts, sz), 0])
+                ret.append([fname, statfun(n["ts"], n["sz"]), 0])

        return ret

@@ -262,6 +304,7 @@ class CPPF(Fuse):
        Fuse.__init__(self, *args, **kwargs)

        self.url = None
+        self.pw = None

        self.dircache = []
        self.dircache_mtx = threading.Lock()
@@ -271,7 +314,7 @@ class CPPF(Fuse):

    def init2(self):
        # TODO figure out how python-fuse wanted this to go
-        self.gw = Gateway(self.url)  # .decode('utf-8'))
+        self.gw = Gateway(self.url, self.pw)  # .decode('utf-8'))
        info("up")

    def clean_dircache(self):
@@ -536,6 +579,8 @@ class CPPF(Fuse):

    def getattr(self, path):
        log("getattr [{}]".format(path))
+        if WINDOWS:
+            path = enwin(path)  # windows occasionally decodes f0xx to xx

        path = path.strip("/")
        try:
@@ -568,9 +613,25 @@ class CPPF(Fuse):

 def main():
    time.strptime("19970815", "%Y%m%d")  # python#7980
+    register_wtf8()
+    if WINDOWS:
+        os.system("rem")
+
+        for ch in '<>:"\\|?*':
+            # microsoft maps illegal characters to f0xx
+            # (e000 to f8ff is basic-plane private-use)
+            bad_good[ch] = chr(ord(ch) + 0xF000)
+
+        for n in range(0, 0x100):
+            # map surrogateescape to another private-use area
+            bad_good[chr(n + 0xDC00)] = chr(n + 0xF100)
+
+        for k, v in bad_good.items():
+            good_bad[v] = k

    server = CPPF()
    server.parser.add_option(mountopt="url", metavar="BASE_URL", default=None)
+    server.parser.add_option(mountopt="pw", metavar="PASSWORD", default=None)
    server.parse(values=server, errex=1)
    if not server.url or not str(server.url).startswith("http"):
        print("\nerror:")
@@ -578,7 +639,7 @@ def main():
        print("  need argument: mount-path")
        print("example:")
        print(
-            "  ./copyparty-fuseb.py -f -o allow_other,auto_unmount,nonempty,url=http://192.168.1.69:3923 /mnt/nas"
+            "  ./copyparty-fuseb.py -f -o allow_other,auto_unmount,nonempty,pw=wark,url=http://192.168.1.69:3923 /mnt/nas"
        )
        sys.exit(1)

--- a/bin/mtag/install-deps.sh
+++ b/bin/mtag/install-deps.sh
@@ -4,7 +4,7 @@ set -e

 # install dependencies for audio-*.py
 #
-# linux/alpine: requires {python3,ffmpeg,fftw}-dev py3-{wheel,pip} py3-numpy{,-dev} vamp-sdk-dev patchelf cmake
+# linux/alpine: requires {python3,ffmpeg,fftw}-dev py3-{wheel,pip} py3-numpy{,-dev} patchelf cmake
 # linux/debian: requires libav{codec,device,filter,format,resample,util}-dev {libfftw3,python3}-dev python3-{numpy,pip} vamp-{plugin-sdk,examples} patchelf cmake
 # win64: requires msys2-mingw64 environment
 # macos: requires macports
@@ -101,8 +101,11 @@ export -f dl_files


 github_tarball() {
+	rm -rf g
+	mkdir g
+	cd g
 	dl_text "$1" |
-	tee json |
+	tee ../json |
 	(
 		# prefer jq if available
 		jq -r '.tarball_url' ||
@@ -111,8 +114,11 @@ github_tarball() {
 		awk -F\" '/"tarball_url": "/ {print$4}'
 	) |
 	tee /dev/stderr |
+	head -n 1 |
 	tr -d '\r' | tr '\n' '\0' |
 	xargs -0 bash -c 'dl_files "$@"' _
+	mv * ../tgz
+	cd ..
 }


@@ -127,6 +133,7 @@ gitlab_tarball() {
 		tr \" '\n' | grep -E '\.tar\.gz$' | head -n 1
 	) |
 	tee /dev/stderr |
+	head -n 1 |
 	tr -d '\r' | tr '\n' '\0' |
 	tee links |
 	xargs -0 bash -c 'dl_files "$@"' _
@@ -138,10 +145,17 @@ install_keyfinder() {
 	#   use msys2 in mingw-w64 mode
 	#   pacman -S --needed mingw-w64-x86_64-{ffmpeg,python}
 	
-	github_tarball https://api.github.com/repos/mixxxdj/libkeyfinder/releases/latest
+	[ -e $HOME/pe/keyfinder ] && {
+		echo found a keyfinder build in ~/pe, skipping
+		return
+	}

-	tar -xf mixxxdj-libkeyfinder-*
-	rm -- *.tar.gz
+	cd "$td"
+	github_tarball https://api.github.com/repos/mixxxdj/libkeyfinder/releases/latest
+	ls -al
+
+	tar -xf tgz
+	rm tgz
 	cd mixxxdj-libkeyfinder*
 	
 	h="$HOME"
@@ -208,6 +222,22 @@ install_vamp() {
 	
 	$pybin -m pip install --user vamp

+	cd "$td"
+	echo '#include <vamp-sdk/Plugin.h>' | gcc -x c -c -o /dev/null - || [ -e ~/pe/vamp-sdk ] || {
+		printf '\033[33mcould not find the vamp-sdk, building from source\033[0m\n'
+		(dl_files yolo https://code.soundsoftware.ac.uk/attachments/download/2588/vamp-plugin-sdk-2.9.0.tar.gz)
+		sha512sum -c <(
+			echo "7ef7f837d19a08048b059e0da408373a7964ced452b290fae40b85d6d70ca9000bcfb3302cd0b4dc76cf2a848528456f78c1ce1ee0c402228d812bd347b6983b  -"
+		) <vamp-plugin-sdk-2.9.0.tar.gz
+		tar -xf vamp-plugin-sdk-2.9.0.tar.gz
+		rm -- *.tar.gz
+		ls -al
+		cd vamp-plugin-sdk-*
+		./configure --prefix=$HOME/pe/vamp-sdk
+		make -j1 install
+	}
+
+	cd "$td"
 	have_beatroot || {
 		printf '\033[33mcould not find the vamp beatroot plugin, building from source\033[0m\n'
 		(dl_files yolo https://code.soundsoftware.ac.uk/attachments/download/885/beatroot-vamp-v1.0.tar.gz)
@@ -215,8 +245,11 @@ install_vamp() {
 			echo "1f444d1d58ccf565c0adfe99f1a1aa62789e19f5071e46857e2adfbc9d453037bc1c4dcb039b02c16240e9b97f444aaff3afb625c86aa2470233e711f55b6874  -"
 		) <beatroot-vamp-v1.0.tar.gz
 		tar -xf beatroot-vamp-v1.0.tar.gz 
+		rm -- *.tar.gz
 		cd beatroot-vamp-v1.0
-		make -f Makefile.linux -j4
+		[ -e ~/pe/vamp-sdk ] &&
+			sed -ri 's`^(CFLAGS :=.*)`\1 -I'$HOME'/pe/vamp-sdk/include`' Makefile.linux
+		make -f Makefile.linux -j4 LDFLAGS=-L$HOME/pe/vamp-sdk/lib
 		# /home/ed/vamp /home/ed/.vamp /usr/local/lib/vamp
 		mkdir ~/vamp
 		cp -pv beatroot-vamp.* ~/vamp/
@@ -230,6 +263,7 @@ install_vamp() {

 # not in use because it kinda segfaults, also no windows support
 install_soundtouch() {
+	cd "$td"
 	gitlab_tarball https://gitlab.com/api/v4/projects/soundtouch%2Fsoundtouch/releases
 	
 	tar -xvf soundtouch-*
--- a/bin/mtag/res/twitter-unmute.user.js
+++ b/bin/mtag/res/twitter-unmute.user.js
@@ -0,0 +1,21 @@
+// ==UserScript==
+// @name         twitter-unmute
+// @namespace    http://ocv.me/
+// @version      0.1
+// @description  memes
+// @author       ed <irc.rizon.net>
+// @match        https://twitter.com/*
+// @icon         https://www.google.com/s2/favicons?domain=twitter.com
+// @grant        GM_addStyle
+// ==/UserScript==
+
+function grunnur() {
+    setInterval(function () {
+        //document.querySelector('div[aria-label="Unmute"]').click();
+        document.querySelector('video').muted = false;
+    }, 200);
+}
+
+var scr = document.createElement('script');
+scr.textContent = '(' + grunnur.toString() + ')();';
+(document.head || document.getElementsByTagName('head')[0]).appendChild(scr);
--- a/bin/mtag/very-bad-idea.py
+++ b/bin/mtag/very-bad-idea.py
@@ -0,0 +1,139 @@
+#!/usr/bin/env python3
+
+"""
+use copyparty as a chromecast replacement:
+  * post a URL and it will open in the default browser
+  * upload a file and it will open in the default application
+  * the `key` command simulates keyboard input
+  * the `x` command executes other xdotool commands
+  * the `c` command executes arbitrary unix commands
+
+the android app makes it a breeze to post pics and links:
+  https://github.com/9001/party-up/releases
+  (iOS devices have to rely on the web-UI)
+
+goes without saying, but this is HELLA DANGEROUS,
+  GIVES RCE TO ANYONE WHO HAVE UPLOAD PERMISSIONS
+
+example copyparty config to use this:
+  --urlform save,get -v.::w:c,e2d,e2t,mte=+a1:c,mtp=a1=ad,bin/mtag/very-bad-idea.py
+
+recommended deps:
+  apt install xdotool libnotify-bin
+  https://github.com/9001/copyparty/blob/hovudstraum/contrib/plugins/meadup.js
+
+and you probably want `twitter-unmute.user.js` from the res folder
+
+
+-----------------------------------------------------------------------
+-- startup script:
+-----------------------------------------------------------------------
+
+#!/bin/bash
+set -e
+
+# create qr code
+ip=$(ip r | awk '/^default/{print$(NF-2)}'); echo http://$ip:3923/ | qrencode -o - -s 4 >/dev/shm/cpp-qr.png
+/usr/bin/feh -x /dev/shm/cpp-qr.png &
+
+# reposition and make topmost (with janky raspbian support)
+( sleep 0.5
+xdotool search --name cpp-qr.png windowactivate --sync windowmove 1780 0
+wmctrl -r :ACTIVE: -b toggle,above || true
+
+ps aux | grep -E 'sleep[ ]7\.27' ||
+while true; do
+  w=$(xdotool getactivewindow)
+  xdotool search --name cpp-qr.png windowactivate windowraise windowfocus
+  xdotool windowactivate $w
+  xdotool windowfocus $w
+  sleep 7.27 || break
+done &
+xeyes  # distraction window to prevent ^w from closing the qr-code
+) &
+
+# bail if copyparty is already running
+ps aux | grep -E '[3] copy[p]arty' && exit 0
+
+# dumb chrome wrapper to allow autoplay
+cat >/usr/local/bin/chromium-browser <<'EOF'
+#!/bin/bash
+set -e
+/usr/bin/chromium-browser --autoplay-policy=no-user-gesture-required "$@"
+EOF
+chmod 755 /usr/local/bin/chromium-browser
+
+# start the server  (note: replace `-v.::rw:` with `-v.::r:` to disallow retrieving uploaded stuff)
+cd ~/Downloads; python3 copyparty-sfx.py --urlform save,get -v.::rw:c,e2d,e2t,mte=+a1:c,mtp=a1=ad,very-bad-idea.py
+
+"""
+
+
+import os
+import sys
+import time
+import subprocess as sp
+from urllib.parse import unquote_to_bytes as unquote
+
+
+def main():
+    fp = os.path.abspath(sys.argv[1])
+    with open(fp, "rb") as f:
+        txt = f.read(4096)
+
+    if txt.startswith(b"msg="):
+        open_post(txt)
+    else:
+        open_url(fp)
+
+
+def open_post(txt):
+    txt = unquote(txt.replace(b"+", b" ")).decode("utf-8")[4:]
+    try:
+        k, v = txt.split(" ", 1)
+    except:
+        open_url(txt)
+
+    if k == "key":
+        sp.call(["xdotool", "key"] + v.split(" "))
+    elif k == "x":
+        sp.call(["xdotool"] + v.split(" "))
+    elif k == "c":
+        env = os.environ.copy()
+        while " " in v:
+            v1, v2 = v.split(" ", 1)
+            if "=" not in v1:
+                break
+
+            ek, ev = v1.split("=", 1)
+            env[ek] = ev
+            v = v2
+
+        sp.call(v.split(" "), env=env)
+    else:
+        open_url(txt)
+
+
+def open_url(txt):
+    ext = txt.rsplit(".")[-1].lower()
+    sp.call(["notify-send", "--", txt])
+    if ext not in ["jpg", "jpeg", "png", "gif", "webp"]:
+        # sp.call(["wmctrl", "-c", ":ACTIVE:"])  # closes the active window correctly
+        sp.call(["killall", "vlc"])
+        sp.call(["killall", "mpv"])
+        sp.call(["killall", "feh"])
+        time.sleep(0.5)
+        for _ in range(20):
+            sp.call(["xdotool", "key", "ctrl+w"])  # closes the open tab correctly
+    # else:
+    #    sp.call(["xdotool", "getactivewindow", "windowminimize"])  # minimizes the focused windo
+
+    # close any error messages:
+    sp.call(["xdotool", "search", "--name", "Error", "windowclose"])
+    # sp.call(["xdotool", "key", "ctrl+alt+d"])  # doesnt work at all
+    # sp.call(["xdotool", "keydown", "--delay", "100", "ctrl+alt+d"])
+    # sp.call(["xdotool", "keyup", "ctrl+alt+d"])
+    sp.call(["xdg-open", txt])
+
+
+main()
--- a/bin/partyjournal.py
+++ b/bin/partyjournal.py
@@ -0,0 +1,177 @@
+#!/usr/bin/env python3
+
+"""
+partyjournal.py: chronological history of uploads
+2021-12-31, v0.1, ed <irc.rizon.net>, MIT-Licensed
+https://github.com/9001/copyparty/blob/hovudstraum/bin/partyjournal.py
+
+produces a chronological list of all uploads,
+by collecting info from up2k databases and the filesystem
+
+specify subnet `192.168.1.*` with argument `.=192.168.1.`,
+affecting all successive mappings
+
+usage:
+  ./partyjournal.py > partyjournal.html .=192.168.1. cart=125 steen=114 steen=131 sleepy=121 fscarlet=144 ed=101 ed=123
+
+"""
+
+import sys
+import base64
+import sqlite3
+import argparse
+from datetime import datetime
+from urllib.parse import quote_from_bytes as quote
+from urllib.parse import unquote_to_bytes as unquote
+
+
+FS_ENCODING = sys.getfilesystemencoding()
+
+
+class APF(argparse.ArgumentDefaultsHelpFormatter, argparse.RawDescriptionHelpFormatter):
+    pass
+
+
+##
+## snibbed from copyparty
+
+
+def s3dec(v):
+    if not v.startswith("//"):
+        return v
+
+    v = base64.urlsafe_b64decode(v.encode("ascii")[2:])
+    return v.decode(FS_ENCODING, "replace")
+
+
+def quotep(txt):
+    btxt = txt.encode("utf-8", "replace")
+    quot1 = quote(btxt, safe=b"/")
+    quot1 = quot1.encode("ascii")
+    quot2 = quot1.replace(b" ", b"+")
+    return quot2.decode("utf-8", "replace")
+
+
+def html_escape(s, quote=False, crlf=False):
+    """html.escape but also newlines"""
+    s = s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
+    if quote:
+        s = s.replace('"', "&quot;").replace("'", "&#x27;")
+    if crlf:
+        s = s.replace("\r", "&#13;").replace("\n", "&#10;")
+
+    return s
+
+
+## end snibs
+##
+
+
+def main():
+    ap = argparse.ArgumentParser(formatter_class=APF)
+    ap.add_argument("who", nargs="*")
+    ar = ap.parse_args()
+
+    imap = {}
+    subnet = ""
+    for v in ar.who:
+        if "=" not in v:
+            raise Exception("bad who: " + v)
+
+        k, v = v.split("=")
+        if k == ".":
+            subnet = v
+            continue
+
+        imap["{}{}".format(subnet, v)] = k
+
+    print(repr(imap), file=sys.stderr)
+
+    print(
+        """\
+<!DOCTYPE html>
+<html lang="en">
+<head><meta charset="utf-8"><style>
+
+html, body {
+    color: #ccc;
+    background: #222;
+    font-family: sans-serif;
+}
+a {
+    color: #fc5;
+}
+td, th {
+    padding: .2em .5em;
+    border: 1px solid #999;
+    border-width: 0 1px 1px 0;
+    white-space: nowrap;
+}
+td:nth-child(1),
+td:nth-child(2),
+td:nth-child(3) {
+    font-family: monospace, monospace;
+    text-align: right;
+}
+tr:first-child {
+    position: sticky;
+    top: -1px;
+}
+th {
+    background: #222;
+    text-align: left;
+}
+
+</style></head><body><table><tr>
+    <th>wark</th>
+    <th>time</th>
+    <th>size</th>
+    <th>who</th>
+    <th>link</th>
+</tr>"""
+    )
+
+    db_path = ".hist/up2k.db"
+    conn = sqlite3.connect(db_path)
+    q = r"pragma table_info(up)"
+    inf = conn.execute(q).fetchall()
+    cols = [x[1] for x in inf]
+    print("<!-- " + str(cols) + " -->")
+    # ['w', 'mt', 'sz', 'rd', 'fn', 'ip', 'at']
+
+    q = r"select * from up order by case when at > 0 then at else mt end"
+    for w, mt, sz, rd, fn, ip, at in conn.execute(q):
+        link = "/".join([s3dec(x) for x in [rd, fn] if x])
+        if fn.startswith("put-") and sz < 4096:
+            try:
+                with open(link, "rb") as f:
+                    txt = f.read().decode("utf-8", "replace")
+            except:
+                continue
+
+            if txt.startswith("msg="):
+                txt = txt.encode("utf-8", "replace")
+                txt = unquote(txt.replace(b"+", b" "))
+                link = txt.decode("utf-8")[4:]
+
+        sz = "{:,}".format(sz)
+        v = [
+            w[:16],
+            datetime.utcfromtimestamp(at if at > 0 else mt).strftime(
+                "%Y-%m-%d %H:%M:%S"
+            ),
+            sz,
+            imap.get(ip, ip),
+        ]
+
+        row = "<tr>\n  "
+        row += "\n  ".join(["<td>{}</th>".format(x) for x in v])
+        row += '\n  <td><a href="{}">{}</a></td>'.format(link, html_escape(link))
+        row += "\n</tr>"
+        print(row)
+
+    print("</table></body></html>")
+
+
+if __name__ == "__main__":
+    main()
--- a/bin/prisonparty.sh
+++ b/bin/prisonparty.sh
@@ -11,10 +11,16 @@ sysdirs=( /bin /lib /lib32 /lib64 /sbin /usr )
 help() { cat <<'EOF'

 usage:
-  ./prisonparty.sh <ROOTDIR> <UID> <GID> [VOLDIR [VOLDIR...]] -- copyparty-sfx.py [...]"
+  ./prisonparty.sh <ROOTDIR> <UID> <GID> [VOLDIR [VOLDIR...]] -- python3 copyparty-sfx.py [...]"

 example:
-  ./prisonparty.sh /var/lib/copyparty-jail 1000 1000 /mnt/nas/music -- copyparty-sfx.py -v /mnt/nas/music::rwmd"
+  ./prisonparty.sh /var/lib/copyparty-jail 1000 1000 /mnt/nas/music -- python3 copyparty-sfx.py -v /mnt/nas/music::rwmd"
+
+example for running straight from source (instead of using an sfx):
+  PYTHONPATH=$PWD ./prisonparty.sh /var/lib/copyparty-jail 1000 1000 /mnt/nas/music -- python3 -um copyparty -v /mnt/nas/music::rwmd"
+
+note that if you have python modules installed as --user (such as bpm/key detectors),
+  you should add /home/foo/.local as a VOLDIR

 EOF
 exit 1
@@ -35,10 +41,20 @@ while true; do
 	vols+=( "$(realpath "$v")" )
 done
 pybin="$1"; shift
-pybin="$(realpath "$pybin")"
+pybin="$(command -v "$pybin")"
+pyarg=
+while true; do
+	v="$1"
+	[ "${v:0:1}" = - ] || break
+	pyarg="$pyarg $v"
+	shift
+done
 cpp="$1"; shift
-cpp="$(realpath "$cpp")"
-cppdir="$(dirname "$cpp")"
+[ -d "$cpp" ] && cppdir="$PWD" || {
+	# sfx, not module
+	cpp="$(realpath "$cpp")"
+	cppdir="$(dirname "$cpp")"
+}
 trap - EXIT


@@ -60,11 +76,10 @@ echo

 # remove any trailing slashes
 jail="${jail%/}"
-cppdir="${cppdir%/}"


 # bind-mount system directories and volumes
-printf '%s\n' "${sysdirs[@]}" "${vols[@]}" | LC_ALL=C sort |
+printf '%s\n' "${sysdirs[@]}" "${vols[@]}" | sed -r 's`/$``' | LC_ALL=C sort | uniq |
 while IFS= read -r v; do
 	[ -e "$v" ] || {
 		# printf '\033[1;31mfolder does not exist:\033[0m %s\n' "/$v"
@@ -72,6 +87,7 @@ while IFS= read -r v; do
 	}
 	i1=$(stat -c%D.%i "$v"      2>/dev/null || echo a)
 	i2=$(stat -c%D.%i "$jail$v" 2>/dev/null || echo b)
+	# echo "v [$v] i1 [$i1] i2 [$i2]"
 	[ $i1 = $i2 ] && continue
 	
 	mkdir -p "$jail$v"
@@ -79,21 +95,32 @@ while IFS= read -r v; do
 done


+cln() {
+	rv=$?
+	# cleanup if not in use
+	lsof "$jail" | grep -qF "$jail" &&
+		echo "chroot is in use, will not cleanup" ||
+	{
+		mount | grep -F " on $jail" |
+		awk '{sub(/ type .*/,"");sub(/.* on /,"");print}' |
+		LC_ALL=C sort -r  | tee /dev/stderr | tr '\n' '\0' | xargs -r0 umount
+	}
+	exit $rv
+}
+trap cln EXIT
+
+
 # create a tmp
 mkdir -p "$jail/tmp"
 chmod 777 "$jail/tmp"


 # run copyparty
-/sbin/chroot --userspec=$uid:$gid "$jail" "$pybin" "$cpp" "$@" && rv=0 || rv=$?
+export HOME=$(getent passwd $uid | cut -d: -f6)
+export USER=$(getent passwd $uid | cut -d: -f1)
+export LOGNAME="$USER"
+#echo "pybin [$pybin]"
+#echo "pyarg [$pyarg]"
+#echo "cpp [$cpp]"
+chroot --userspec=$uid:$gid "$jail" "$pybin" $pyarg "$cpp" "$@"

-
-# cleanup if not in use
-lsof "$jail" | grep -qF "$jail" &&
-	echo "chroot is in use, will not cleanup" ||
-{
-	mount | grep -qF " on $jail" |
-	awk '{sub(/ type .*/,"");sub(/.* on /,"");print}' |
-	LC_ALL=C sort -r  | tee /dev/stderr | tr '\n' '\0' | xargs -r0 umount
-}
-exit $rv
--- a/contrib/README.md
+++ b/contrib/README.md
@@ -1,3 +1,6 @@
+### [`plugins/`](plugins/)
+* example extensions
+
 ### [`copyparty.bat`](copyparty.bat)
 * launches copyparty with no arguments (anon read+write within same folder)
 * intended for windows machines with no python.exe in PATH
--- a/contrib/plugins/README.md
+++ b/contrib/plugins/README.md
@@ -0,0 +1,25 @@
+# example resource files
+
+can be provided to copyparty to tweak things
+
+
+
+## example `.epilogue.html`
+save one of these as `.epilogue.html` inside a folder to customize it:
+
+* [`minimal-up2k.html`](minimal-up2k.html) will [simplify the upload ui](https://user-images.githubusercontent.com/241032/118311195-dd6ca380-b4ef-11eb-86f3-75a3ff2e1332.png)
+
+
+
+## example browser-css
+point `--css-browser` to one of these by URL:
+
+* [`browser.css`](browser.css) changes the background
+* [`browser-icons.css`](browser-icons.css) adds filetype icons
+
+
+
+## meadup.js
+
+* turns copyparty into chromecast just more flexible (and probably way more buggy)
+* usage: put the js somewhere in the webroot and `--js-browser /memes/meadup.js`
--- a/contrib/plugins/browser-icons.css
+++ b/contrib/plugins/browser-icons.css
--- a/contrib/plugins/browser.css
+++ b/contrib/plugins/browser.css
--- a/contrib/plugins/meadup.js
+++ b/contrib/plugins/meadup.js
@@ -0,0 +1,506 @@
+// USAGE:
+//   place this file somewhere in the webroot and then
+//   python3 -m copyparty --js-browser /memes/meadup.js
+//
+// FEATURES:
+// * adds an onscreen keyboard for operating a media center remotely,
+//    relies on https://github.com/9001/copyparty/blob/hovudstraum/bin/mtag/very-bad-idea.py
+// * adds an interactive anime girl (if you can find the dependencies)
+
+var hambagas = [
+    "https://www.youtube.com/watch?v=pFA3KGp4GuU"
+];
+
+// keybaord,
+//   onscreen keyboard by @steinuil
+function initKeybaord(BASE_URL, HAMBAGA, consoleLog, consoleError) {
+    document.querySelector('.keybaord-container').innerHTML = `
+      <div class="keybaord-body">
+        <div class="keybaord-row keybaord-row-1">
+          <div class="keybaord-key" data-keybaord-key="Escape">
+            esc
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F1">
+            F1
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F2">
+            F2
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F3">
+            F3
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F4">
+            F4
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F5">
+            F5
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F6">
+            F6
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F7">
+            F7
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F8">
+            F8
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F9">
+            F9
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F10">
+            F10
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F11">
+            F11
+          </div>
+          <div class="keybaord-key" data-keybaord-key="F12">
+            F12
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Insert">
+            ins
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Delete">
+            del
+          </div>
+        </div>
+        <div class="keybaord-row keybaord-row-2">
+          <div class="keybaord-key" data-keybaord-key="\`">
+            \`
+          </div>
+          <div class="keybaord-key" data-keybaord-key="1">
+            1
+          </div>
+          <div class="keybaord-key" data-keybaord-key="2">
+            2
+          </div>
+          <div class="keybaord-key" data-keybaord-key="3">
+            3
+          </div>
+          <div class="keybaord-key" data-keybaord-key="4">
+            4
+          </div>
+          <div class="keybaord-key" data-keybaord-key="5">
+            5
+          </div>
+          <div class="keybaord-key" data-keybaord-key="6">
+            6
+          </div>
+          <div class="keybaord-key" data-keybaord-key="7">
+            7
+          </div>
+          <div class="keybaord-key" data-keybaord-key="8">
+            8
+          </div>
+          <div class="keybaord-key" data-keybaord-key="9">
+            9
+          </div>
+          <div class="keybaord-key" data-keybaord-key="0">
+            0
+          </div>
+          <div class="keybaord-key" data-keybaord-key="-">
+            -
+          </div>
+          <div class="keybaord-key" data-keybaord-key="=">
+            =
+          </div>
+          <div class="keybaord-key keybaord-backspace" data-keybaord-key="BackSpace">
+            backspace
+          </div>
+        </div>
+        <div class="keybaord-row keybaord-row-3">
+          <div class="keybaord-key keybaord-tab" data-keybaord-key="Tab">
+            tab
+          </div>
+          <div class="keybaord-key" data-keybaord-key="q">
+            q
+          </div>
+          <div class="keybaord-key" data-keybaord-key="w">
+            w
+          </div>
+          <div class="keybaord-key" data-keybaord-key="e">
+            e
+          </div>
+          <div class="keybaord-key" data-keybaord-key="r">
+            r
+          </div>
+          <div class="keybaord-key" data-keybaord-key="t">
+            t
+          </div>
+          <div class="keybaord-key" data-keybaord-key="y">
+            y
+          </div>
+          <div class="keybaord-key" data-keybaord-key="u">
+            u
+          </div>
+          <div class="keybaord-key" data-keybaord-key="i">
+            i
+          </div>
+          <div class="keybaord-key" data-keybaord-key="o">
+            o
+          </div>
+          <div class="keybaord-key" data-keybaord-key="p">
+            p
+          </div>
+          <div class="keybaord-key" data-keybaord-key="[">
+            [
+          </div>
+          <div class="keybaord-key" data-keybaord-key="]">
+            ]
+          </div>
+          <div class="keybaord-key keybaord-enter" data-keybaord-key="Return">
+            enter
+          </div>
+        </div>
+        <div class="keybaord-row keybaord-row-4">
+          <div class="keybaord-key keybaord-capslock" data-keybaord-key="HAMBAGA">
+            🍔
+          </div>
+          <div class="keybaord-key" data-keybaord-key="a">
+            a
+          </div>
+          <div class="keybaord-key" data-keybaord-key="s">
+            s
+          </div>
+          <div class="keybaord-key" data-keybaord-key="d">
+            d
+          </div>
+          <div class="keybaord-key" data-keybaord-key="f">
+            f
+          </div>
+          <div class="keybaord-key" data-keybaord-key="g">
+            g
+          </div>
+          <div class="keybaord-key" data-keybaord-key="h">
+            h
+          </div>
+          <div class="keybaord-key" data-keybaord-key="j">
+            j
+          </div>
+          <div class="keybaord-key" data-keybaord-key="k">
+            k
+          </div>
+          <div class="keybaord-key" data-keybaord-key="l">
+            l
+          </div>
+          <div class="keybaord-key" data-keybaord-key=";">
+            ;
+          </div>
+          <div class="keybaord-key" data-keybaord-key="'">
+            '
+          </div>
+          <div class="keybaord-key keybaord-backslash" data-keybaord-key="\\">
+            \\
+          </div>
+        </div>
+        <div class="keybaord-row keybaord-row-5">
+          <div class="keybaord-key keybaord-lshift" data-keybaord-key="Shift_L">
+            shift
+          </div>
+          <div class="keybaord-key" data-keybaord-key="\\">
+            \\
+          </div>
+          <div class="keybaord-key" data-keybaord-key="z">
+            z
+          </div>
+          <div class="keybaord-key" data-keybaord-key="x">
+            x
+          </div>
+          <div class="keybaord-key" data-keybaord-key="c">
+            c
+          </div>
+          <div class="keybaord-key" data-keybaord-key="v">
+            v
+          </div>
+          <div class="keybaord-key" data-keybaord-key="b">
+            b
+          </div>
+          <div class="keybaord-key" data-keybaord-key="n">
+            n
+          </div>
+          <div class="keybaord-key" data-keybaord-key="m">
+            m
+          </div>
+          <div class="keybaord-key" data-keybaord-key=",">
+            ,
+          </div>
+          <div class="keybaord-key" data-keybaord-key=".">
+            .
+          </div>
+          <div class="keybaord-key" data-keybaord-key="/">
+            /
+          </div>
+          <div class="keybaord-key keybaord-rshift" data-keybaord-key="Shift_R">
+            shift
+          </div>
+        </div>
+        <div class="keybaord-row keybaord-row-6">
+          <div class="keybaord-key keybaord-lctrl" data-keybaord-key="Control_L">
+            ctrl
+          </div>
+          <div class="keybaord-key keybaord-super" data-keybaord-key="Meta_L">
+            win
+          </div>
+          <div class="keybaord-key keybaord-alt" data-keybaord-key="Alt_L">
+            alt
+          </div>
+          <div class="keybaord-key keybaord-spacebar" data-keybaord-key="space">
+            space
+          </div>
+          <div class="keybaord-key keybaord-altgr" data-keybaord-key="Alt_R">
+            altgr
+          </div>
+          <div class="keybaord-key keybaord-what" data-keybaord-key="Menu">
+            menu
+          </div>
+          <div class="keybaord-key keybaord-rctrl" data-keybaord-key="Control_R">
+            ctrl
+          </div>
+        </div>
+        <div class="keybaord-row">
+          <div class="keybaord-key" data-keybaord-key="XF86AudioLowerVolume">
+            🔉
+          </div>
+          <div class="keybaord-key" data-keybaord-key="XF86AudioRaiseVolume">
+            🔊
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Left">
+            ⬅️
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Down">
+            ⬇️
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Up">
+            ⬆️
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Right">
+            ➡️
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Page_Up">
+            PgUp
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Page_Down">
+            PgDn
+          </div>
+          <div class="keybaord-key" data-keybaord-key="Home">
+            🏠
+          </div>
+          <div class="keybaord-key" data-keybaord-key="End">
+            End
+          </div>
+        </div>
+      <div>
+    `;
+
+    function arraySample(array) {
+        return array[Math.floor(Math.random() * array.length)];
+    }
+
+    function sendMessage(msg) {
+        return fetch(BASE_URL, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
+            },
+            body: "msg=" + encodeURIComponent(msg),
+        }).then(
+            (r) => r.text(), // so the response body shows up in network tab
+            (err) => consoleError(err)
+        );
+    }
+    const MODIFIER_ON_CLASS = "keybaord-modifier-on";
+    const KEY_DATASET = "data-keybaord-key";
+    const KEY_CLASS = "keybaord-key";
+
+    const modifiers = new Set()
+
+    function toggleModifier(button, key) {
+        button.classList.toggle(MODIFIER_ON_CLASS);
+        if (modifiers.has(key)) {
+            modifiers.delete(key);
+        } else {
+            modifiers.add(key);
+        }
+    }
+
+    function popModifiers() {
+        let modifierString = "";
+
+        modifiers.forEach((mod) => {
+            document.querySelector("[" + KEY_DATASET + "='" + mod + "']")
+                .classList.remove(MODIFIER_ON_CLASS);
+
+            modifierString += mod + "+";
+        });
+
+        modifiers.clear();
+
+        return modifierString;
+    }
+
+    Array.from(document.querySelectorAll("." + KEY_CLASS)).forEach((button) => {
+        const key = button.dataset.keybaordKey;
+
+        button.addEventListener("click", (ev) => {
+            switch (key) {
+                case "HAMBAGA":
+                    sendMessage(arraySample(HAMBAGA));
+                    break;
+
+                case "Shift_L":
+                case "Shift_R":
+
+                case "Control_L":
+                case "Control_R":
+
+                case "Meta_L":
+
+                case "Alt_L":
+                case "Alt_R":
+                    toggleModifier(button, key);
+                    break;
+
+                default: {
+                    const keyWithModifiers = popModifiers() + key;
+
+                    consoleLog(keyWithModifiers);
+
+                    sendMessage("key " + keyWithModifiers)
+                        .then(() => consoleLog(keyWithModifiers + " OK"));
+                }
+            }
+        });
+    });
+}
+
+
+// keybaord integration
+(function () {
+    var o = mknod('div');
+    clmod(o, 'keybaord-container', 1);
+    ebi('op_msg').appendChild(o);
+
+    o = mknod('style');
+    o.innerHTML = `
+.keybaord-body {
+	display: flex;
+	flex-flow: column nowrap;
+    margin: .6em 0;
+}
+
+.keybaord-row {
+	display: flex;
+}
+
+.keybaord-key {
+	border: 1px solid rgba(128,128,128,0.2);
+	width: 41px;
+	height: 40px;
+
+	display: flex;
+	justify-content: center;
+	align-items: center;
+}
+
+.keybaord-key:active {
+	background-color: lightgrey;
+}
+
+.keybaord-key.keybaord-modifier-on {
+	background-color: lightblue;
+}
+
+.keybaord-key.keybaord-backspace {
+	width: 82px;
+}
+
+.keybaord-key.keybaord-tab {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-enter {
+	width: 69px;
+}
+
+.keybaord-key.keybaord-capslock {
+	width: 80px;
+}
+
+.keybaord-key.keybaord-backslash {
+	width: 88px;
+}
+
+.keybaord-key.keybaord-lshift {
+	width: 65px;
+}
+
+.keybaord-key.keybaord-rshift {
+	width: 103px;
+}
+
+.keybaord-key.keybaord-lctrl {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-super {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-alt {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-altgr {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-what {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-rctrl {
+	width: 55px;
+}
+
+.keybaord-key.keybaord-spacebar {
+	width: 302px;
+}
+`;
+    document.head.appendChild(o);
+
+    initKeybaord('/', hambagas,
+        (msg) => { toast.inf(2, msg.toString()) },
+        (msg) => { toast.err(30, msg.toString()) });
+})();
+
+
+// live2d (dumb pointless meme)
+//   dependencies for this part are not tracked in git
+//   so delete this section if you wanna use this file
+//   (or supply your own l2d model and js)
+(function () {
+    var o = mknod('link');
+    o.setAttribute('rel', 'stylesheet');
+    o.setAttribute('href', "/bad-memes/pio.css");
+    document.head.appendChild(o);
+
+    o = mknod('style');
+    o.innerHTML = '.pio-container{text-shadow:none;z-index:1}';
+    document.head.appendChild(o);
+
+    o = mknod('div');
+    clmod(o, 'pio-container', 1);
+    o.innerHTML = '<div class="pio-action"></div><canvas id="pio" width="280" height="500"></canvas>';
+    document.body.appendChild(o);
+
+    var remaining = 3;
+    for (var a of ['pio', 'l2d', 'fireworks']) {
+        import_js(`/bad-memes/${a}.js`, function () {
+            if (remaining --> 1)
+                return;
+
+            o = mknod('script');
+            o.innerHTML = 'var pio = new Paul_Pio({"selector":[],"mode":"fixed","hidden":false,"content":{"close":"ok bye"},"model":["/bad-memes/sagiri/model.json"]});';
+            document.body.appendChild(o);
+        });
+    }
+})();
--- a/contrib/plugins/minimal-up2k.html
+++ b/contrib/plugins/minimal-up2k.html
--- a/copyparty/version.py
+++ b/copyparty/version.py
@@ -1,8 +1,8 @@
 # coding: utf-8

-VERSION = (1, 1, 6)
+VERSION = (1, 1, 12)
 CODENAME = "opus"
-BUILD_DT = (2021, 12, 7)
+BUILD_DT = (2022, 1, 18)

 S_VERSION = ".".join(map(str, VERSION))
 S_BUILD_DT = "{0:04d}-{1:02d}-{2:02d}".format(*BUILD_DT)
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -524,7 +524,7 @@ class HttpCli(object):
                return self.handle_stash()

            if "save" in opt:
-                post_sz, _, _, _, path = self.dump_to_file()
+                post_sz, _, _, _, path, _ = self.dump_to_file()
                self.log("urlform: {} bytes, {}".format(post_sz, path))
            elif "print" in opt:
                reader, _ = self.get_body_reader()
@@ -651,26 +651,46 @@ class HttpCli(object):
                bos.unlink(path)
                raise

-        if not self.args.nw:
-            vfs, vrem = vfs.get_dbv(rem)
-            self.conn.hsrv.broker.put(
-                False,
-                "up2k.hash_file",
-                vfs.realpath,
-                vfs.flags,
-                vrem,
-                fn,
-                self.ip,
-                time.time(),
-            )
+        if self.args.nw:
+            return post_sz, sha_hex, sha_b64, remains, path, ""

-        return post_sz, sha_hex, sha_b64, remains, path
+        vfs, rem = vfs.get_dbv(rem)
+        self.conn.hsrv.broker.put(
+            False,
+            "up2k.hash_file",
+            vfs.realpath,
+            vfs.flags,
+            rem,
+            fn,
+            self.ip,
+            time.time(),
+        )
+
+        vsuf = ""
+        if self.can_read and "fk" in vfs.flags:
+            vsuf = "?k=" + gen_filekey(
+                self.args.fk_salt,
+                path,
+                post_sz,
+                0 if ANYWIN else bos.stat(path).st_ino,
+            )[: vfs.flags["fk"]]
+
+        vpath = "/".join([x for x in [vfs.vpath, rem, fn] if x])
+        vpath = quotep(vpath)
+
+        url = "{}://{}/{}".format(
+            "https" if self.is_https else "http",
+            self.headers.get("host") or "{}:{}".format(*list(self.s.getsockname())),
+            vpath + vsuf,
+        )
+
+        return post_sz, sha_hex, sha_b64, remains, path, url

    def handle_stash(self):
-        post_sz, sha_hex, sha_b64, remains, path = self.dump_to_file()
+        post_sz, sha_hex, sha_b64, remains, path, url = self.dump_to_file()
        spd = self._spd(post_sz)
        self.log("{} wrote {}/{} bytes to {}".format(spd, post_sz, remains, path))
-        m = "{}\n{}\n{}\n".format(post_sz, sha_b64, sha_hex[:56])
+        m = "{}\n{}\n{}\n{}\n".format(post_sz, sha_b64, sha_hex[:56], url)
        self.reply(m.encode("utf-8"))
        return True

@@ -1170,11 +1190,12 @@ class HttpCli(object):
                )[: vfs.flags["fk"]]

            vpath = "{}/{}".format(upload_vpath, lfn).strip("/")
+            rel_url = quotep(vpath) + vsuf
            msg += 'sha512: {} // {} // {} bytes // <a href="/{}">{}</a> {}\n'.format(
                sha_hex[:56],
                sha_b64,
                sz,
-                quotep(vpath) + vsuf,
+                rel_url,
                html_escape(ofn, crlf=True),
                vsuf,
            )
@@ -1183,15 +1204,16 @@ class HttpCli(object):
            jpart = {
                "url": "{}://{}/{}".format(
                    "https" if self.is_https else "http",
-                    self.headers.get("host", "copyparty"),
-                    vpath + vsuf,
+                    self.headers.get("host")
+                    or "{}:{}".format(*list(self.s.getsockname())),
+                    rel_url,
                ),
                "sha512": sha_hex[:56],
                "sha_b64": sha_b64,
                "sz": sz,
                "fn": lfn,
                "fn_orig": ofn,
-                "path": vpath + vsuf,
+                "path": rel_url,
            }
            jmsg["files"].append(jpart)

@@ -1367,6 +1389,9 @@ class HttpCli(object):
            try:
                fs_path = req_path + ext
                st = bos.stat(fs_path)
+                if stat.S_ISDIR(st.st_mode):
+                    continue
+
                file_ts = max(file_ts, st.st_mtime)
                editions[ext or "plain"] = [fs_path, st.st_size]
            except:
@@ -1512,11 +1537,12 @@ class HttpCli(object):
        with open_func(*open_args) as f:
            sendfun = sendfile_kern if use_sendfile else sendfile_py
            remains = sendfun(
-                lower, upper, f, self.s, self.args.s_wr_sz, self.args.s_wr_slp
+                self.log, lower, upper, f, self.s, self.args.s_wr_sz, self.args.s_wr_slp
            )

        if remains > 0:
            logmsg += " \033[31m" + unicode(upper - remains) + "\033[0m"
+            self.keepalive = False

        spd = self._spd((upper - lower) - remains)
        if self.do_log:
@@ -1959,6 +1985,13 @@ class HttpCli(object):
                fmt = "{{}}  {{:{},}}  {{}}"
                nfmt = "{:,}"

+            for x in dirs:
+                n = x["name"] + "/"
+                if arg == "v":
+                    n = "\033[94m" + n
+
+                x["name"] = n
+
            fmt = fmt.format(len(nfmt.format(biggest)))
            ret = [
                "# {}: {}".format(x, ls[x])
--- a/copyparty/mtag.py
+++ b/copyparty/mtag.py
@@ -418,7 +418,8 @@ class MTag(object):

        try:
            md = mutagen.File(fsenc(abspath), easy=True)
-            x = md.info.length
+            if not md.info.length and not md.info.codec:
+                raise Exception()
        except Exception as ex:
            return self.get_ffprobe(abspath) if self.can_ffprobe else {}

--- a/copyparty/tcpsrv.py
+++ b/copyparty/tcpsrv.py
@@ -77,15 +77,18 @@ class TcpSrv(object):
                if "pub" in title_vars and "external" in unicode(desc):
                    hits.append(("pub", ep))

+                if "pub" in title_vars or "all" in title_vars:
+                    hits.append(("all", ep))
+
                for var in title_vars:
                    if var.startswith("ip-") and ep.startswith(var[3:]):
                        hits.append((var, ep))

                for tk, tv in hits:
                    try:
-                        title_tab[tk] += " and {}".format(tv)
+                        title_tab[tk][tv] = 1
                    except:
-                        title_tab[tk] = tv
+                        title_tab[tk] = {tv: 1}

        if msgs:
            msgs[-1] += "\n"
@@ -262,13 +265,22 @@ class TcpSrv(object):
        return eps

    def _set_wintitle(self, vars):
-        if "pub" not in vars:
-            vars["pub"] = "Local-Only"
+        vars["all"] = vars.get("all", {"Local-Only": 1})
+        vars["pub"] = vars.get("pub", vars["all"])
+
+        vars2 = {}
+        for k, eps in vars.items():
+            vars2[k] = {
+                ep: 1
+                for ep in eps.keys()
+                if ":" not in ep or ep.split(":")[0] not in eps
+            }

        title = ""
+        vars = vars2
        for p in self.args.wintitle.split(" "):
            if p.startswith("$"):
-                p = vars.get(p[1:], "(None)")
+                p = " and ".join(sorted(vars.get(p[1:], {"(None)": 1}).keys()))

            title += "{} ".format(p)

--- a/copyparty/util.py
+++ b/copyparty/util.py
@@ -1097,7 +1097,8 @@ def read_socket(sr, total_size):

        buf = sr.recv(bufsz)
        if not buf:
-            raise Pebkac(400, "client d/c during binary post")
+            m = "client d/c during binary post after {} bytes, {} bytes remaining"
+            raise Pebkac(400, m.format(total_size - remains, remains))

        remains -= len(buf)
        yield buf
@@ -1177,7 +1178,7 @@ def hashcopy(fin, fout):
    return tlen, hashobj.hexdigest(), digest_b64


-def sendfile_py(lower, upper, f, s, bufsz, slp):
+def sendfile_py(log, lower, upper, f, s, bufsz, slp):
    remains = upper - lower
    f.seek(lower)
    while remains > 0:
@@ -1197,17 +1198,24 @@ def sendfile_py(lower, upper, f, s, bufsz, slp):
    return 0


-def sendfile_kern(lower, upper, f, s, bufsz, slp):
+def sendfile_kern(log, lower, upper, f, s, bufsz, slp):
    out_fd = s.fileno()
    in_fd = f.fileno()
    ofs = lower
+    stuck = None
    while ofs < upper:
+        stuck = stuck or time.time()
        try:
            req = min(2 ** 30, upper - ofs)
            select.select([], [out_fd], [], 10)
            n = os.sendfile(out_fd, in_fd, ofs, req)
+            stuck = None
        except Exception as ex:
-            # print("sendfile: " + repr(ex))
+            d = time.time() - stuck
+            log("sendfile stuck for {:.3f} sec: {!r}".format(d, ex))
+            if d < 3600 and ex.errno == 11:  # eagain
+                continue
+
            n = 0

        if n <= 0:
--- a/copyparty/web/browser.css
+++ b/copyparty/web/browser.css
@@ -426,6 +426,9 @@ html.light #ggrid>a.sel {
 	opacity: .3;
 	color: #f6c;
 }
+#wfm a.hide {
+	display: none;
+}
 html.light #wfm a:not(.en) {
 	color: #c4a;
 }
@@ -487,7 +490,7 @@ html.light #wfm a:not(.en) {
 	width: calc(100% - 10.5em);
 	background: rgba(0,0,0,0.2);
 }
-@media (min-width: 80em) {
+@media (min-width: 70em) {
 	#barpos,
 	#barbuf {
 		width: calc(100% - 21em);
@@ -679,7 +682,7 @@ input.eq_gain {
 #wrap {
 	margin: 1.8em 1.5em 0 1.5em;
 	min-height: 70vh;
-	padding-bottom: 5em;
+	padding-bottom: 7em;
 }
 #tree {
 	display: none;
@@ -1101,7 +1104,7 @@ html.light #doc .line-highlight {
 #docul li {
 	margin: 0;
 }
-#tree #docul a {
+#tree #docul li+li a {
 	display: block;
 }
 #seldoc.sel {
@@ -1424,6 +1427,7 @@ html.light .opview input[type="text"] {
 	border-color: #38d;
 }
 html.light #u2tab a>span,
+html.light #docul .bn a>span,
 html.light #files td div span {
 	color: #000;
 }
@@ -2149,6 +2153,7 @@ html.light #u2foot .warn span {
 	border-color: #d06;
 }
 #u2tab a>span,
+#docul .bn a>span,
 #unpost a>span {
 	font-weight: bold;
 	font-style: italic;
--- a/copyparty/web/browser.js
+++ b/copyparty/web/browser.js
@@ -204,6 +204,9 @@ ebi('tree').innerHTML = (
 	var ops = QSA('#ops>a');
 	for (var a = 0; a < ops.length; a++) {
 		ops[a].onclick = opclick;
+		var v = ops[a].getAttribute('data-dest');
+		if (v)
+			ops[a].href = '#v=' + v;
 	}
 })();

@@ -1481,7 +1484,7 @@ function play(tid, is_ev, seek, call_depth) {
 			seek_au_sec(seek);
 		}

-		if (!seek) {
+		if (!seek && !ebi('unsearch')) {
 			var o = ebi(oid);
 			o.setAttribute('id', 'thx_js');
 			sethash(oid);
@@ -1591,6 +1594,11 @@ function eval_hash() {
 		i.value = uricom_dec(v.slice(3))[0];
 		return i.oninput();
 	}
+
+	if (v.indexOf('#v=') === 0) {
+		goto(v.slice(3));
+		return;
+	}
 }


@@ -1802,17 +1810,19 @@ var fileman = (function () {
 		clmod(bdel, 'en', nsel);
 		clmod(bcut, 'en', nsel);
 		clmod(bpst, 'en', r.clip && r.clip.length);
-		bren.style.display = have_mv && has(perms, 'write') && has(perms, 'move') ? '' : 'none';
-		bdel.style.display = have_del && has(perms, 'delete') ? '' : 'none';
-		bcut.style.display = have_mv && has(perms, 'move') ? '' : 'none';
-		bpst.style.display = have_mv && has(perms, 'write') ? '' : 'none';
+
+		clmod(bren, 'hide', !(have_mv && has(perms, 'write') && has(perms, 'move')));
+		clmod(bdel, 'hide', !(have_del && has(perms, 'delete')));
+		clmod(bcut, 'hide', !(have_mv && has(perms, 'move')));
+		clmod(bpst, 'hide', !(have_mv && has(perms, 'write')));
+		clmod(ebi('wfm'), 'act', QS('#wfm a.en:not(.hide)'));
+
 		bpst.setAttribute('tt', 'paste ' + r.clip.length + ' items$NHotkey: ctrl-V');
-		clmod(ebi('wfm'), 'act', QS('#wfm a.en:not([style])'));
 	};

 	r.rename = function (e) {
 		ev(e);
-		if (bren.style.display)
+		if (clgot(bren, 'hide'))
 			return toast.err(3, 'cannot rename:\nyou do not have “move” permission in this folder');

 		var sel = msel.getsel();
@@ -2099,7 +2109,7 @@ var fileman = (function () {

 	r.delete = function (e) {
 		ev(e);
-		if (bdel.style.display)
+		if (clgot(bdel, 'hide'))
 			return toast.err(3, 'cannot delete:\nyou do not have “delete” permission in this folder');

 		var sel = msel.getsel(),
@@ -2145,7 +2155,7 @@ var fileman = (function () {

 	r.cut = function (e) {
 		ev(e);
-		if (bcut.style.display)
+		if (clgot(bcut, 'hide'))
 			return toast.err(3, 'cannot cut:\nyou do not have “move” permission in this folder');

 		var sel = msel.getsel(),
@@ -2186,7 +2196,7 @@ var fileman = (function () {

 	r.paste = function (e) {
 		ev(e);
-		if (bpst.style.display)
+		if (clgot(bpst, 'hide'))
 			return toast.err(3, 'cannot paste:\nyou do not have “write” permission in this folder');

 		if (!r.clip.length)
@@ -2477,7 +2487,7 @@ var showfile = (function () {
 	}

 	r.mktree = function () {
-		var html = ['<li class="bn">list of textfiles in<br />' + esc(get_vpath()) + '</li>'];
+		var html = ['<li class="bn">list of textfiles in<br />' + linksplit(get_vpath()).join('') + '</li>'];
 		for (var a = 0; a < r.files.length; a++) {
 			var file = r.files[a];
 			html.push('<li><a href="#" hl="' + file.id +
@@ -2966,9 +2976,6 @@ document.onkeydown = function (e) {
 		if (QS('.opview.act'))
 			return QS('#ops>a').click();

-		if (QS('#unsearch'))
-			return QS('#unsearch').click();
-
 		if (widget.is_open)
 			return widget.close();

@@ -2978,6 +2985,9 @@ document.onkeydown = function (e) {
 		if (!treectl.hidden)
 			return treectl.detree();

+		if (QS('#unsearch'))
+			return QS('#unsearch').click();
+
 		if (thegrid.en)
 			return ebi('griden').click();
 	}
@@ -3352,7 +3362,7 @@ document.onkeydown = function (e) {

 		treectl.hide();

-		var html = mk_files_header(tagord);
+		var html = mk_files_header(tagord), seen = {};
 		html.push('<tbody>');
 		html.push('<tr><td>-</td><td colspan="42"><a href="#" id="unsearch"><big style="font-weight:bold">[❌] close search results</big></a></td></tr>');
 		for (var a = 0; a < res.hits.length; a++) {
@@ -3361,13 +3371,18 @@ document.onkeydown = function (e) {
 				sz = esc(r.sz + ''),
 				rp = esc(uricom_dec(r.rp + '')[0]),
 				ext = rp.lastIndexOf('.') > 0 ? rp.split('.').pop().split('?')[0] : '%',
-				links = linksplit(r.rp + '');
+				id = 'f-' + ('00000000' + crc32(rp)).slice(-8);
+
+			while (seen[id])
+				id += 'a';
+			seen[id] = 1;

 			if (ext.length > 8)
 				ext = '%';

-			links = links.join('');
-			var nodes = ['<tr><td>-</td><td><div>' + links + '</div>', sz];
+			var links = linksplit(r.rp + '', id).join(''),
+				nodes = ['<tr><td>-</td><td><div>' + links + '</div>', sz];
+
 			for (var b = 0; b < tagord.length; b++) {
 				var k = tagord[b],
 					v = r.tags[k] || "";
@@ -3437,7 +3452,7 @@ var treectl = (function () {
 	});
 	setwrap(bcfg_bind(r, 'wtree', 'wraptree', true, setwrap));
 	setwrap(bcfg_bind(r, 'parpane', 'parpane', true, onscroll));
-	bcfg_bind(r, 'htree', 'hovertree', true, reload_tree);
+	bcfg_bind(r, 'htree', 'hovertree', false, reload_tree);

 	function setwrap(v) {
 		clmod(ebi('tree'), 'nowrap', !v);
@@ -3866,10 +3881,6 @@ var treectl = (function () {
 			hist_push(this.top);

 		r.gentab(this.top, res);
-
-		acct = res.acct;
-		have_up2k_idx = res.idx;
-		apply_perms(res.perms);
 		despin('#files');
 		despin('#gfiles');

@@ -3944,6 +3955,12 @@ var treectl = (function () {
 		reload_tree();
 		reload_browser();
 		tree_scrollto();
+		if (res.acct) {
+			acct = res.acct;
+			have_up2k_idx = res.idx;
+			apply_perms(res.perms);
+			fileman.render();
+		}
 	}

 	r.hydrate = function () {
@@ -5005,6 +5022,7 @@ ebi('path').onclick = function (e) {
 	if (!treectl.spa || !a || !(a = a.getAttribute('href') + '') || !a.endsWith('/'))
 		return;

+	thegrid.setvis(true);
 	treectl.reqls(a, true, true);
 	return ev(e);
 };
@@ -5030,6 +5048,13 @@ ebi('files').onclick = ebi('docul').onclick = function (e) {
 		showfile.show(noq_href(ebi(tgt.getAttribute('hl'))), tgt.getAttribute('lang'));
 		return ev(e);
 	}
+
+	tgt = e.target.closest('a');
+	if (tgt && tgt.closest('li.bn')) {
+		thegrid.setvis(true);
+		treectl.goto(tgt.getAttribute('href'), true);
+		return ev(e);
+	}
 };


@@ -5080,7 +5105,10 @@ function reload_browser() {

 	reload_mp();
 	try { showsort(ftab); } catch (ex) { }
-	makeSortable(ftab, mp.read_order.bind(mp));
+	makeSortable(ftab, function () {
+		thegrid.setdirty();
+		mp.read_order();
+	});

 	for (var a = 0; a < 2; a++)
 		clmod(ebi(a ? 'pro' : 'epi'), 'hidden', ebi('unsearch'));
--- a/copyparty/web/md.js
+++ b/copyparty/web/md.js
@@ -85,13 +85,13 @@ function copydom(src, dst, lv) {

    var rpl = [];
    for (var a = sc.length - 1; a >= 0; a--) {
-        var st = sc[a].tagName,
-            dt = dc[a].tagName;
+        var st = sc[a].tagName || sc[a].nodeType,
+            dt = dc[a].tagName || dc[a].nodeType;

        if (st !== dt) {
            dbg("replace L%d (%d/%d) type %s/%s", lv, a, sc.length, st, dt);
-            rpl.push(a);
-            continue;
+            dst.innerHTML = src.innerHTML;
+            return;
        }

        var sa = sc[a].attributes || [],
@@ -140,8 +140,11 @@ function copydom(src, dst, lv) {
    // repl is reversed; build top-down
    var nbytes = 0;
    for (var a = rpl.length - 1; a >= 0; a--) {
-        var html = sc[rpl[a]].outerHTML;
-        dc[rpl[a]].outerHTML = html;
+        var i = rpl[a],
+            prop = sc[i].nodeType == 1 ? 'outerHTML' : 'nodeValue';
+
+        var html = sc[i][prop];
+        dc[i][prop] = html;
        nbytes += html.length;
    }
    if (nbytes > 0)
--- a/copyparty/web/up2k.js
+++ b/copyparty/web/up2k.js
@@ -1485,7 +1485,8 @@ function up2k_init(subtle) {
                    err.indexOf('NotFoundError') !== -1  // macos-firefox permissions
                ) {
                    pvis.seth(t.n, 1, 'OS-error');
-                    pvis.seth(t.n, 2, err);
+                    pvis.seth(t.n, 2, err + ' @ ' + car);
+                    console.log('OS-error', reader.error, '@', car);
                    handled = true;
                }

@@ -2113,7 +2114,7 @@ function up2k_init(subtle) {
    if (parallel_uploads < 1)
        bumpthread(1);

-    return { "init_deps": init_deps, "set_fsearch": set_fsearch, "ui": pvis }
+    return { "init_deps": init_deps, "set_fsearch": set_fsearch, "ui": pvis, "st": st, "uc": uc }
 }


--- a/copyparty/web/util.js
+++ b/copyparty/web/util.js
@@ -86,6 +86,9 @@ function vis_exh(msg, url, lineNo, columnNo, error) {
    if ((msg + '').indexOf('ResizeObserver') !== -1)
        return;  // chrome issue 809574 (benign, from <video>)

+    if ((msg + '').indexOf('l2d.js') !== -1)
+        return;  // `t` undefined in tapEvent -> hitTestSimpleCustom
+
    var ekey = url + '\n' + lineNo + '\n' + msg;
    if (ignexd[ekey] || crashed)
        return;
@@ -219,15 +222,15 @@ if (!String.prototype.endsWith)
        return this.substring(this_len - search.length, this_len) === search;
    };

-if (!String.startsWith)
+if (!String.prototype.startsWith)
    String.prototype.startsWith = function (s, i) {
        i = i > 0 ? i | 0 : 0;
        return this.substring(i, i + s.length) === s;
    };

-if (!String.trimEnd)
+if (!String.prototype.trimEnd)
    String.prototype.trimEnd = String.prototype.trimRight = function () {
-        return this.replace(/[ \t\r\n]+$/m, '');
+        return this.replace(/[ \t\r\n]+$/, '');
    };

 if (!Element.prototype.matches)
@@ -434,7 +437,7 @@ function makeSortable(table, cb) {
 }


-function linksplit(rp) {
+function linksplit(rp, id) {
    var ret = [],
        apath = '/',
        q = null;
@@ -464,8 +467,13 @@ function linksplit(rp) {
            vlink = vlink.slice(0, -1) + '<span>/</span>';
        }

-        if (!rp && q)
-            link += q;
+        if (!rp) {
+            if (q)
+                link += q;
+
+            if (id)
+                link += '" id="' + id;
+        }

        ret.push('<a href="' + apath + link + '">' + vlink + '</a>');
        apath += link;
--- a/docs/README.md
+++ b/docs/README.md
@@ -2,24 +2,12 @@



-# example resource files
+# utilities

-can be provided to copyparty to tweak things
-
-
-
-## example `.epilogue.html`
-save one of these as `.epilogue.html` inside a folder to customize it:
-
-* [`minimal-up2k.html`](minimal-up2k.html) will [simplify the upload ui](https://user-images.githubusercontent.com/241032/118311195-dd6ca380-b4ef-11eb-86f3-75a3ff2e1332.png)
-
-
-
-## example browser-css
-point `--css-browser` to one of these by URL:
-
-* [`browser.css`](browser.css) changes the background
-* [`browser-icons.css`](browser-icons.css) adds filetype icons
+## [`multisearch.html`](multisearch.html)
+* takes a list of filenames of youtube rips, grabs the youtube-id of each file, and does a search on the server for those
+* use it by putting it somewhere on the server and opening it as an html page
+* also serves as an extendable template for other specific search behaviors



--- a/docs/multisearch.html
+++ b/docs/multisearch.html
@@ -0,0 +1,124 @@
+<!DOCTYPE html><html lang="en"><head>
+	<meta charset="utf-8">
+	<title>multisearch</title>
+	<meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <style>
+
+html, body {
+    margin: 0;
+    padding: 0;
+    color: #ddd;
+    background: #222;
+    font-family: sans-serif;
+}
+body {
+    padding: 1em;
+}
+a {
+    color: #fc5;
+}
+ul {
+    line-height: 1.5em;
+}
+code {
+    color: #fc5;
+    border: 1px solid #444;
+    padding: .1em .2em;
+    font-family: sans-serif, sans-serif;
+}
+#src {
+    display: block;
+    width: calc(100% - 1em);
+    padding: .5em;
+    margin: 0;
+}
+td {
+    padding-left: 1em;
+}
+.hit,
+.miss {
+    font-weight: bold;
+    padding-left: 0;
+    padding-top: 1em;
+}
+.hit {color: #af0;}
+.miss {color: #f0c;}
+.hit:before {content: '✅';}
+.miss:before {content: '❌';}
+
+</style></head><body>
+    <ul>
+        <li>paste a list of filenames (youtube rips) below and hit search</li>
+        <li>it will grab the youtube-id from the filenames and search for each id</li>
+        <li>filenames must be like <code>-YTID.webm</code> (youtube-dl style) or <code>[YTID].webm</code> (ytdlp style)</li>
+    </ul>
+    <textarea id="src"></textarea>
+    <button id="go">search</button>
+    <div id="res"></div>
+    <script>
+
+var ebi = document.getElementById.bind(document);
+function esc(txt) {
+    return txt.replace(/[&"<>]/g, function (c) {
+        return {
+            '&': '&amp;',
+            '"': '&quot;',
+            '<': '&lt;',
+            '>': '&gt;'
+        }[c];
+    });
+}
+
+ebi('go').onclick = async function() {
+    var queries = [];
+    for (var ln of ebi('src').value.split(/\n/g)) {
+        // filter the list of input files,
+        // only keeping youtube videos,
+        // meaning the filename ends with either
+        //   [YOUTUBEID].EXTENSION or
+        //   -YOUTUBEID.EXTENSION
+        var m = /[[-]([0-9a-zA-Z_-]{11})\]?\.(mp4|webm|mkv)$/.exec(ln);
+        if (!m || !(m = m[1]))
+            continue;
+
+        // create a search query for each line: name like *youtubeid*
+        queries.push([ln, `name like *${m}*`]);
+    }
+
+    var a = 0, html = ['<table>'], hits = [], misses = [];
+    for (var [fn, q] of queries) {
+        var r = await fetch('/?srch', {
+            method: 'POST',
+            body: JSON.stringify({'q': q})
+        });
+        r = await r.json();
+        
+        var cl, tab2;
+        if (r.hits.length) {
+            tab2 = hits;
+            cl = 'hit';
+        }
+        else {
+            tab2 = misses;
+            cl = 'miss';
+        }
+        var h = `<tr><td class="${cl}" colspan="9">${esc(fn)}</td></tr>`;
+        tab2.push(h);
+        html.push(h);
+        for (var h of r.hits) {
+            var link = `<a href="/${h.rp}">${esc(decodeURIComponent(h.rp))}</a>`;
+            html.push(`<tr><td>${h.sz}</td><td>${link}</td></tr>`);
+        }
+        ebi('res').innerHTML = `searching, ${++a} / ${queries.length} done, ${hits.length} hits, ${misses.length} miss`;
+    }
+    html.push('<tr><td><h1>hits:</h1></td></tr>');
+    html = html.concat(hits);
+
+    html.push('<tr><td><h1>miss:</h1></td></tr>');
+    html = html.concat(misses);
+
+    html.push('</table>');
+    ebi('res').innerHTML = html.join('\n');
+};
+
+</script></body></html>
--- a/scripts/deps-docker/Dockerfile
+++ b/scripts/deps-docker/Dockerfile
@@ -2,7 +2,7 @@ FROM    alpine:3.15
 WORKDIR /z
 ENV     ver_asmcrypto=5b994303a9d3e27e0915f72a10b6c2c51535a4dc \
        ver_hashwasm=4.9.0 \
-        ver_marked=4.0.6 \
+        ver_marked=4.0.10 \
        ver_mde=2.15.0 \
        ver_codemirror=5.64.0 \
        ver_fontawesome=5.13.0 \
--- a/scripts/sfx.py
+++ b/scripts/sfx.py
@@ -1,10 +1,10 @@
 #!/usr/bin/env python3
 # coding: latin-1
 from __future__ import print_function, unicode_literals
-
 import re, os, sys, time, shutil, signal, threading, tarfile, hashlib, platform, tempfile, traceback
 import subprocess as sp

+
 """
 to edit this file, use HxD or "vim -b"
  (there is compressed stuff at the end)
@@ -20,6 +20,7 @@ the archive data is attached after the b"\n# eof\n" archive marker,
  b"\n# " decodes to b""
 """

+
 # set by make-sfx.sh
 VER = None
 SIZE = None
--- a/tests/util.py
+++ b/tests/util.py
@@ -109,6 +109,9 @@ class VSock(object):
        self._reply += buf
        return len(buf)

+    def getsockname(self):
+        return ("a", 1)
+

 class VHttpSrv(object):
    def __init__(self):
Author	SHA1	Message	Date
ed	ded0567cbf	v1.1.12	2022-01-18 22:28:33 +01:00
ed	c9cac83d09	fix PUT response in write-only folders	2022-01-18 21:37:11 +01:00
ed	4fbe6b01a8	clarify what the app does	2022-01-17 00:31:23 +00:00
ed	ee9585264e	deal with github api change + build vamp if necessary	2022-01-17 00:27:23 +00:00
ed	c9ffead7bf	prisonparty: support running from src	2022-01-17 00:24:40 +00:00
ed	ed69d42005	v1.1.11	2022-01-14 22:25:06 +01:00
ed	0b47ee306b	bump marked.js to 4.0.10	2022-01-14 20:42:23 +01:00
ed	e4e63619d4	linkable maintabs	2022-01-14 19:26:07 +01:00
ed	f32cca292a	propagate sort-order to thegrid	2022-01-14 18:28:49 +01:00
ed	e87ea19ff1	return file URL in PUT response	2022-01-11 22:59:19 +01:00
ed	0214793740	fix garbage in markdown output	2022-01-05 18:57:05 +01:00
ed	fc9dd5d743	meadup changes	2022-01-03 01:16:27 +01:00
ed	9e6d5dd2b9	vbi: add onscreen qrcode	2021-12-28 20:57:11 +01:00
ed	bdad197e2c	make it even worse	2021-12-27 00:04:38 +01:00
ed	7e139288a6	add very bad idea	2021-12-26 23:32:46 +01:00
ed	6e7935abaf	repaint cut/paste buttons when permissions change	2021-12-24 00:50:52 +01:00
ed	3ba0cc20f1	v1.1.10	2021-12-17 00:05:17 +01:00
ed	dd28de1796	sendfile: handle eagain	2021-12-17 00:04:19 +01:00
ed	9eecc9e19a	v1.1.9	2021-12-16 22:54:44 +01:00
ed	6530cb6b05	shut socket on tx error	2021-12-16 22:51:24 +01:00
ed	41ce613379	add multisearch	2021-12-12 20:11:07 +01:00
ed	5e2785caba	more aggressively try ffmpeg when mutagen fails	2021-12-11 20:31:04 +01:00
ed	d7cc000976	v1.1.8	2021-12-10 02:44:48 +01:00
ed	50d8ff95ae	good stuff	2021-12-10 02:21:56 +01:00
ed	b2de1459b6	quick backports to the alternative fuse client	2021-12-10 01:59:45 +01:00
ed	f0ffbea0b2	add breadcrumbs to the textfile tree	2021-12-10 00:44:47 +01:00
ed	199ccca0fe	v1.1.7	2021-12-07 19:19:35 +01:00
ed	1d9b355743	fix search ui after `b265e59` broke it	2021-12-07 19:12:36 +01:00
ed	f0437fbb07	cleanup the windowtitle a bit	2021-12-07 19:09:24 +01:00