(not allowed_users or
util.contains(allowed_users, sdat.values.username))
then
+ uci:set_session_id(sid)
return sid, sdat.values
end
elseif key == "REQUEST_URI" then
return build_url(unpack(ctx.requestpath))
elseif key == "FULL_REQUEST_URI" then
- local url = { http.getenv("SCRIPT_NAME"), http.getenv("PATH_INFO") }
+ local url = { http.getenv("SCRIPT_NAME") or "", http.getenv("PATH_INFO") }
local query = http.getenv("QUERY_STRING")
if query and #query > 0 then
url[#url+1] = "?"
return
end
- http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+ http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+ sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+ })
http.redirect(build_url(unpack(ctx.requestpath)))
end
ctx.authuser = sdat.username
end
+ if track.cors and http.getenv("REQUEST_METHOD") == "OPTIONS" then
+ luci.http.status(200, "OK")
+ luci.http.header("Access-Control-Allow-Origin", http.getenv("HTTP_ORIGIN") or "*")
+ luci.http.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+ return
+ end
+
if c and require_post_security(c.target) then
if not test_post_security(c) then
return
else
ok, err = util.copcall(target, unpack(args))
end
- assert(ok,
- "Failed to execute " .. (type(c.target) == "function" and "function" or c.target.type or "unknown") ..
- " dispatcher target for entry '/" .. table.concat(request, "/") .. "'.\n" ..
- "The called action terminated with an exception:\n" .. tostring(err or "(unknown)"))
+ if not ok then
+ error500("Failed to execute " .. (type(c.target) == "function" and "function" or c.target.type or "unknown") ..
+ " dispatcher target for entry '/" .. table.concat(request, "/") .. "'.\n" ..
+ "The called action terminated with an exception:\n" .. tostring(err or "(unknown)"))
+ end
else
local root = node()
if not root or not root.target then
local last = table.remove(path)
local parent = _create_node(path)
- c = {nodes={}, auto=true}
- -- the node is "in request" if the request path matches
- -- at least up to the length of the node path
- if parent.inreq and context.path[#path+1] == last then
- c.inreq = true
+ c = {nodes={}, auto=true, inreq=true}
+
+ local _, n
+ for _, n in ipairs(path) do
+ if context.path[_] ~= n then
+ c.inreq = false
+ break
+ end
end
+
+ c.inreq = c.inreq and (context.path[#path + 1] == last)
+
parent.nodes[last] = c
context.treecache[name] = c
end
+
return c
end
local pageaction = true
local parsechain = { }
+ local is_rollback, time_remaining = uci:rollback_pending()
+
for i, res in ipairs(maps) do
if res.apply_needed and res.parsechain then
local c
res:render({
firstmap = (i == 1),
applymap = applymap,
+ confirmmap = (is_rollback and time_remaining or nil),
redirect = redirect,
messages = messages,
pageaction = pageaction,
projects / oweals / luci.git / blobdiff