http.status(404, "Not Found")
message = message or "Not Found"
- require("luci.template")
- if not util.copcall(luci.template.render, "error404") then
+ local function render()
+ local template = require "luci.template"
+ template.render("error404")
+ end
+
+ if not util.copcall(render) then
http.prepare_content("text/plain")
http.write(message)
end
+
return false
end
end
end
- for node in pathinfo:gmatch("[^/]+") do
+ local node
+ for node in pathinfo:gmatch("[^/%z]+") do
r[#r+1] = node
end
return
end
- http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+ http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+ sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+ })
http.redirect(build_url(unpack(ctx.requestpath)))
end
ctx.authuser = sdat.username
end
+ if track.cors and http.getenv("REQUEST_METHOD") == "OPTIONS" then
+ luci.http.status(200, "OK")
+ luci.http.header("Access-Control-Allow-Origin", http.getenv("HTTP_ORIGIN") or "*")
+ luci.http.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+ return
+ end
+
if c and require_post_security(c.target) then
if not test_post_security(c) then
return