Breadcrumb navigation on public links not setting Authorization header

[refs]

Steps to reproduce

1. create a public share on a collection
2. create a nested folder structure (>1 directory)
3. navigate to any directory from the root shared folder
4. use the breadcrumbs to navigate up the tree

Expected behaviour

Land in the folder you just clicked on.

Actual behaviour

401 returned by the server because the request does not include authorization headers.

Happens in both oCIS and oc10. It's likely a Phoenix issue.

Here's two cURL requests, one for a valid authorized request and an invalid one that happens when navigating through breadcrumbs:

(both requests can be run on the cli as it uses demo.owncloud.com)
Working:

curl 'https://demo.owncloud.com/remote.php/dav/public-files/GDIgyjXmyPQdF3W/foldera/folderb' \
  -X 'OPTIONS' \
  -H 'authority: demo.owncloud.com' \
  -H 'pragma: no-cache' \
  -H 'cache-control: no-cache' \
  -H 'accept: */*' \
  -H 'access-control-request-method: PROPFIND' \
  -H 'access-control-request-headers: authorization,content-type,depth,ocs-apirequest,x-request-id,x-requested-with' \
  -H 'origin: https://phoenix.owncloud.com' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: same-site' \
  -H 'sec-fetch-dest: empty' \
  -H 'referer: https://phoenix.owncloud.com/' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36' \
  -H 'accept-language: en,es-ES;q=0.9,es;q=0.8' \
  --compressed

Not working:

curl 'https://demo.owncloud.com/remote.php/dav/public-files/GDIgyjXmyPQdF3W/foldera/folderb' \
  -X 'PROPFIND' \
  -H 'authority: demo.owncloud.com' \
  -H 'pragma: no-cache' \
  -H 'cache-control: no-cache' \
  -H 'x-requested-with: XMLHttpRequest' \
  -H 'depth: 1' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36' \
  -H 'ocs-apirequest: true' \
  -H 'content-type: application/xml; charset=UTF-8' \
  -H 'accept: */*' \
  -H 'origin: https://phoenix.owncloud.com' \
  -H 'sec-fetch-site: same-site' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-dest: empty' \
  -H 'referer: https://phoenix.owncloud.com/' \
  -H 'accept-language: en,es-ES;q=0.9,es;q=0.8' \
  --data-binary $'<?xml version="1.0"?>\n<d:propfind  xmlns:d="DAV:" xmlns:oc="http://owncloud.org/ns">\n  <d:prop>\n    <oc:permissions />\n    <oc:favorite />\n    <oc:fileid />\n    <oc:owner-id />\n    <oc:owner-display-name />\n    <oc:share-types />\n    <oc:privatelink />\n    <d:getcontentlength />\n    <oc:size />\n    <d:getlastmodified />\n    <d:getetag />\n    <d:resourcetype />\n  </d:prop>\n</d:propfind>' \
  --compressed

[refs]

it only happens on the parent folder:

for instance:

if your current working directory is foldera/folderb the breadcrumbs menu state is:

Navigating fo foldera works just fine, but selecting folderb (while being on folderb) fails.

IMHO the last element of the path shouldn't be an anchor.

[PVince81]

duplicate of #2965, but since yours contain more details, I'll close the other one.

[refs]

For more context, google drive does use the last element and provides with the following options:

Good real state to add some actions.