Skip to main content

Global settings

Andy HsuConfigConfigSettingsAbout 3 min

Global settings

Hide files

Match files hidden by regular expressions(javascript). If you don't understand, don't fill in them randomly. Wrong regular expressions /\/ will cause the front-end page to crash. One per line. By default, there is an example expression that hides README.mdopen in new window in all directories.

It's not really hiding. It still exists in the list returned by the api, it just doesn't show up in the frontend list. So if you want to really hide, add a meta record instead.

Package download

Whether to enable package download, default is true. 【Not recommended especially when there are many or large files】

Customize head

Any content you want which are automatically placed at the beginning of the head of the web page

Customize body

Any content you want which are automatically placed at the end of the body of the web page

The expiration time of the direct link, in hours. If it equals 0, it will not expire. Default is 0.


Only the straight chain of the path with the password added will have an expiration time, otherwise it will not expire.Because the expiration time is added to the sign query parameter, and the path without adding the password will not check the sign.

Privacy regs

What you don't want to show in the error message, One regular expression (in Golang) per line. The matched content will be replaced with * of the corresponding length.

Ocr api

Used to identify verification codes. You can deploy yourself: in new window. The default ocr api is deployed on the koyebopen in new window(No availability guarantee), which is not recommended to use in production environment.

Sign all

Add signatures to the direct link of all files (whether with password or not)

That is

If you need to close it, you can close it yourself, but you need to pay attention to security issues. After closing the signature, if the site can be accessed by the public network, the password may be bypassed to access private files.

There are two other methods that also carry the sign?xxx parameter, 1. Add Storage Select Enable Signing, 2. Meta Information Add Password

The scope of the three methodsSign All > Meta Information Add Password > Add Storage Select Enable Signing

  1. Sign All: If this option is turned on, the sign parameter will be carried regardless of whether meta-information is encrypted or not, and whether Enable Signing is checked when adding storage.
  2. Meta Information Add Password:Only files under this meta information path will carry the sign parameter.
    • If Apply to sub folder is turned on, all files in this path will carry the sign parameter
  3. Add Storage Select Enable Signing:Only this storage driver carries the sign parameter.

You can check it out yourself: in new window

Filename char mapping

Mainly to map some special characters so that Alist can work normally

For example, the / symbol is a path symbol in the Alist program. Some people’s files have / symbols that cause the file to be disconnected halfway and cannot be viewed. We can use this method to map and convert.

{"/": "|","xx1":"xx1","xx2":"xx2"}

The default is the first one at the beginning. If you want to add it later, you can add it later. The format is as simple as above.

Webauthn login enabled

What is Webauthn? Search for yourself, today I just teach you how to use it

In the background Settings-->Global-->Open Webauthn login enabled, go back to the background Profile-->Bind Add a Webauthn credential

  • Add a Webauthn credential using the PIN of this computer or complementary devices (such as bracelets, watches) [support all options in Windows Hello configuration, such as face and fingerprint]

  • Just like binding single sign-on, we can use Webauthn to log in after binding

    • On the login page, click the login button on the far right, enter our user name, click login, and then unlock the required Webauthn verification method to log in
  • Adding Webauthn requires a secure origin and can only be used on https or localhost

    • Unsafe sources, such as: http, 192.168.x.x,, or directly use the server IP, etc. These places cannot be used