http.status(404, "Not Found")
message = message or "Not Found"
- require("luci.template")
- if not util.copcall(luci.template.render, "error404") then
+ local function render()
+ local template = require "luci.template"
+ template.render("error404")
+ end
+
+ if not util.copcall(render) then
http.prepare_content("text/plain")
http.write(message)
end
+
return false
end
end
end
- for node in pathinfo:gmatch("[^/]+") do
+ local node
+ for node in pathinfo:gmatch("[^/%z]+") do
r[#r+1] = node
end
if (type(required_val) == "string" and
request_val ~= required_val) or
- (required_val == true and
- (request_val == nil or request_val == ""))
+ (required_val == true and request_val == nil)
then
return false
end
(not allowed_users or
util.contains(allowed_users, sdat.values.username))
then
+ uci:set_session_id(sid)
return sid, sdat.values
end
timeout = tonumber(luci.config.sauth.sessiontime)
})
+ local rp = context.requestpath
+ and table.concat(context.requestpath, "/") or ""
+
if type(login) == "table" and
type(login.ubus_rpc_session) == "string"
then
values = { token = sys.uniqueid(16) }
})
+ io.stderr:write("luci: accepted login on /%s for %s from %s\n"
+ %{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
+
return session_retrieve(login.ubus_rpc_session)
end
+
+ io.stderr:write("luci: failed login on /%s for %s from %s\n"
+ %{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
end
return nil, nil
local lang = conf.main.lang or "auto"
if lang == "auto" then
local aclang = http.getenv("HTTP_ACCEPT_LANGUAGE") or ""
- for lpat in aclang:gmatch("[%w-]+") do
- lpat = lpat and lpat:gsub("-", "_")
- if conf.languages[lpat] then
- lang = lpat
+ for aclang in aclang:gmatch("[%w_-]+") do
+ local country, culture = aclang:match("^([a-z][a-z])[_-]([a-zA-Z][a-zA-Z])$")
+ if country and culture then
+ local cc = "%s_%s" %{ country, culture:lower() }
+ if conf.languages[cc] then
+ lang = cc
+ break
+ elseif conf.languages[country] then
+ lang = country
+ break
+ end
+ elseif conf.languages[aclang] then
+ lang = aclang
break
end
end
ifattr = function(...) return _ifattr(...) end;
attr = function(...) return _ifattr(true, ...) end;
url = build_url;
- }, {__index=function(table, key)
+ }, {__index=function(tbl, key)
if key == "controller" then
return build_url()
elseif key == "REQUEST_URI" then
return build_url(unpack(ctx.requestpath))
+ elseif key == "FULL_REQUEST_URI" then
+ local url = { http.getenv("SCRIPT_NAME") or "" , http.getenv("PATH_INFO") }
+ local query = http.getenv("QUERY_STRING")
+ if query and #query > 0 then
+ url[#url+1] = "?"
+ url[#url+1] = query
+ end
+ return table.concat(url, "")
elseif key == "token" then
return ctx.authtoken
else
- return rawget(table, key) or _G[key]
+ return rawget(tbl, key) or _G[key]
end
end})
end
"https://github.com/openwrt/luci/issues"
)
- if track.sysauth then
+ if track.sysauth and not ctx.authsession then
local authen = track.sysauth_authenticator
local _, sid, sdat, default_user, allowed_users
return
end
- http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sid, build_url() })
+ http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+ sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+ })
http.redirect(build_url(unpack(ctx.requestpath)))
end
ctx.authuser = sdat.username
end
+ if track.cors and http.getenv("REQUEST_METHOD") == "OPTIONS" then
+ luci.http.status(200, "OK")
+ luci.http.header("Access-Control-Allow-Origin", http.getenv("HTTP_ORIGIN") or "*")
+ luci.http.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+ return
+ end
+
if c and require_post_security(c.target) then
if not test_post_security(c) then
return
return c
end
+function lookup(...)
+ local i, path = nil, {}
+ for i = 1, select('#', ...) do
+ local name, arg = nil, tostring(select(i, ...))
+ for name in arg:gmatch("[^/]+") do
+ path[#path+1] = name
+ end
+ end
+
+ for i = #path, 1, -1 do
+ local node = context.treecache[table.concat(path, ".", 1, i)]
+ if node and (i == #path or node.leaf) then
+ return node, build_url(unpack(path))
+ end
+ end
+end
+
function _create_node(path)
if #path == 0 then
return context.tree
local state = nil
+ local i, res
for i, res in ipairs(maps) do
+ if util.instanceof(res, cbi.SimpleForm) then
+ io.stderr:write("Model %s returns SimpleForm but is dispatched via cbi(),\n"
+ % self.model)
+
+ io.stderr:write("please change %s to use the form() action instead.\n"
+ % table.concat(context.request, "/"))
+ end
+
res.flow = config
local cstate = res:parse()
if cstate and (not state or cstate < state) then
local pageaction = true
local parsechain = { }
+ local is_rollback, time_remaining = uci:rollback_pending()
+
for i, res in ipairs(maps) do
if res.apply_needed and res.parsechain then
local c
res:render({
firstmap = (i == 1),
applymap = applymap,
+ confirmmap = (is_rollback and time_remaining or nil),
redirect = redirect,
messages = messages,
pageaction = pageaction,
function cbi(model, config)
return {
type = "cbi",
- post = { ["cbi.submit"] = "1" },
+ post = { ["cbi.submit"] = true },
config = config,
model = model,
target = _cbi
local maps = luci.cbi.load(self.model, ...)
local state = nil
+ local i, res
for i, res in ipairs(maps) do
local cstate = res:parse()
if cstate and (not state or cstate < state) then
function form(model)
return {
type = "cbi",
- post = { ["cbi.submit"] = "1" },
+ post = { ["cbi.submit"] = true },
model = model,
target = _form
}