Windows 10 explorer.exe insist credentials are wrong

[divinity76]

when trying to mount with windows 10 explorer.exe client with the default admin:foo it insist the credentials are wrong🤔 screenshot:

strangely at #37 someone else get a different error from windows 10, i wonder if it's related

[divinity76]

did some digging: explorer.exe never sends any credentials at all, it only sends this request:

OPTIONS / HTTP/1.1
Host: cacbot.ratma.net:8000
Connection: Keep-Alive
Translate: f
User-Agent: Microsoft-WebDAV-MiniRedir/10.0.19045

and dave responds:

HTTP/1.1 401 Unauthorized
Www-Authenticate: Basic realm=dave
Date: Thu, 23 Mar 2023 10:41:22 GMT
Content-Length: 16
Content-Type: text/plain; charset=utf-8

401 Unauthorized

and explorer.exe proceeds to say "invalid credentials". so here's the deal: Windows 10's Explorer.exe expects the OPTIONS request to not include authentication, and dave expects the OPTIONS request to include authentication

🤔

[divinity76]

did some more digging: it appears explorer.exe will... check if the server require credentials, if YES, it will ask the user for credentials, then it will check if the server connection is encrypted, if NO, it will tell the user "invalid credentials" (instead of doing something SENSIBLE like saying "sorry, i do not support using credentials without httpS")