I have been using this repo (great work by the way) deployed to cloudflare and it seems to be working well enough for clients accessed through a web browser and linux. Windows seems to be an issue. I also have a client (browser based) that tries to connect by first sending an OPTIONS method. It seems that the service responds with a status 401, even though I am using the proper credentials that seem to work well using other methods such as GET and POST.

I'm not too familiar with the webdav protocol, but I do see that if the linux client connects sending the OPTIONS method, it seems to work, but the web client does not.

Using the cloudflare logs in the worker, I see that the following request coming from the web client:

"event": {
    "request": {
      "url": "https://MYPROPERADDRESS/FILENAME",
      "method": "OPTIONS",
      "headers": {
        "accept": "*/*",
        "accept-encoding": "gzip",
        "accept-language": "en-US,en;q=0.9",
        "access-control-request-headers": "authorization,cache-control",
        "access-control-request-method": "HEAD",
        "cf-connecting-ip": "CLIENTIP",
        "cf-ipcountry": "US",
        "cf-ray": "85d9bbbf5aac390a",
        "cf-visitor": "{\"scheme\":\"https\"}",
        "connection": "Keep-Alive",
        "host": "MYPROPERADDRES",
        "origin": "https://ORIGINSERVERURL/",
        "referer": "https://ORIGINSERVERURL/",
        "sec-fetch-dest": "empty",
        "sec-fetch-mode": "cors",
        "sec-fetch-site": "cross-site",
        "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36",
        "x-forwarded-proto": "https",
        "x-real-ip": "MYREALIP"
      },

Obviously the response code I get back is

"response": {
      "status": 401
    }

The only part I see in the index.js code that sends a response back of 401 is line 614 that checks to make sure that the Authorization is not sent Basic realm. but I don't understand what this is and what this is for:

export default {
	async fetch(request: Request, env: Env, ctx: ExecutionContext): Promise<Response> {
		const { bucket } = env;

		if (request.headers.get('Authorization') !== `Basic ${btoa(`${env.USERNAME}:${env.PASSWORD}`)}`) {
			return new Response('Unauthorized', {
				status: 401,
				headers: {
					'WWW-Authenticate': 'Basic realm="webdav"',
				},
			});
		}

If I compare that unsuccessful OPTIONS method call with one that is the biggest thing I can see is the lack of a "authorization" key value pair, but there is one sent in the "access-control-request-headers"

"access-control-request-headers": "authorization,cache-control",

Again, I don't understand what this is, and why this particular client is making the OPTIONS method call this way. Any help would be appreciated

Describe the bug
When attempting to bind a WebDAV server to Zotero for file syncing, an HTTP 206 Partial Content error occurs, preventing successful binding and synchronization.

To Reproduce
Steps to reproduce the behavior:

1. Go to 'Zotero Preferences'
2. Click on 'Sync'
3. Set up WebDAV by entering the WebDAV server URL, username, and password
4. Click on 'Verify Server' to test the connection
5. See error

Expected behavior
A clear and concise description of what you expected to happen. The WebDAV server should bind successfully without errors, allowing for file synchronization with Zotero.

Screenshots