X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fluci.git;a=blobdiff_plain;f=modules%2Fluci-base%2Fluasrc%2Fdispatcher.lua;h=45e1e308f8f6ddebddbc7ee7534e1f677443d9e6;hp=1984fc4ad2c84b1b5de701ddc1e9a078296647b4;hb=9ed48ef2a62df5406c589ef9a43da51df8d9645c;hpb=8335997df5e103a9a8d9f06f0b514e809fb729b7

diff --git a/modules/luci-base/luasrc/dispatcher.lua b/modules/luci-base/luasrc/dispatcher.lua
index 1984fc4ad..45e1e308f 100644
--- a/modules/luci-base/luasrc/dispatcher.lua
+++ b/modules/luci-base/luasrc/dispatcher.lua
@@ -182,6 +182,7 @@ local function session_retrieve(sid, allowed_users)
 	   (not allowed_users or
 	    util.contains(allowed_users, sdat.values.username))
 	then
+		uci:set_session_id(sid)
 		return sid, sdat.values
 	end
 
@@ -428,7 +429,9 @@ function dispatch(request)
 				return
 			end
 
-			http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+			http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+				sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+			})
 			http.redirect(build_url(unpack(ctx.requestpath)))
 		end
 
@@ -882,6 +885,8 @@ local function _cbi(self, ...)
 	local pageaction = true
 	local parsechain = { }
 
+	local is_rollback, time_remaining = uci:rollback_pending()
+
 	for i, res in ipairs(maps) do
 		if res.apply_needed and res.parsechain then
 			local c
@@ -909,6 +914,7 @@ local function _cbi(self, ...)
 		res:render({
 			firstmap   = (i == 1),
 			applymap   = applymap,
+			confirmmap = (is_rollback and time_remaining or nil),
 			redirect   = redirect,
 			messages   = messages,
 			pageaction = pageaction,