Basic DAV server using Flask.

Forked from iv


WebDAV server based on Flask.


HTTPS support

flaskdav supports HTTPS when running with options --cert path/to/certificate and --key path/to/key.

To generate a private key and associated SSL certificate:

openssl req -nodes -newkey rsa -days 365 -keyout "ssl.key" -x509 -out "ssl.cert"

Cookie authentication

A cookie is set for every different Origin and contains a HMAC signature of the Origin and the User-Agent of the app accessing it. The cookie is set with HttpOnly flag, so that it cannot be read by JavaScript apps.

The HMAC key is reset each time you restart the server.


python flaskdav.py --cert ssl.cert --key ssl.key --path /

tells the server to use the generated SSL key and certificate, and to give access to the full system.


On NayuOS, do:

bash runflaskdav

to run flaskdav on / or give an absolute path as argument:

bash runflaskdav /media/removable


flaskdav is under the GPL2 license.

utils.py is a modified version of PyWebDAV's files that are under GPL2 License original files:


  • support LOCK/UNLOCK
  • support PROPPATCH
  • continue cleaning PROPFIND code
  • remove Resource class
  • read large data received via PUT/PROPFIND methods by chunks