Consolidate resource path for shared file

[christaikobo]

Is your feature request related to a problem? Please describe.
When visiting a shared file anonymously, there are at least 3 http paths visited /share /static /api/public, when using an forward auth solution like authelia or authentik, having to whitelist 3 paths is cumbersome, and honestly I don't even know if they are safe to whitelist, i.e. if there are other scenarios where resources that shouldn't be available to an anonymous user hosted at these paths.

Describe the solution you'd like
I suggest consolidating all resources used for a shared file link visited by an anonymous user under /share.

Describe alternatives you've considered
I can manually whitelist some paths, but as described above, I have no confidence whether it's safe or not.

[gtsteffaniak]

Absolutely... Been on my mind

[gtsteffaniak]

And they are safe to whitelist for now. Changing this would cause existing links to need to be recreated , but of course that's why this is still in beta, so we can adjust these things while the user base understands.

If this had a stable build it would be a lot more work to maintain backwards compatibility.

I still try to do backwards compatibility where possible, but for this I think I would do a major release where it's highlighted that share links and all public API actions happen under the "public" url.

Ie:

/public/share/
/public/api/resource
/public/api/download
/public/static/index.html

It's also difficult for me to keep track of the difference between "public api" functions and "share api" functions.

It would also make the codebase cleaner to convert everything to a public path. Most of this is because the OG FileBrowser had the same "share" vs "public" paradigm, but I think it's worth consolidating into one "public" path at this point.

[gtsteffaniak]

still has one more thing needed before closing #1102