From b2ec048333ca659a4791c2ed721288574f4d3b51 Mon Sep 17 00:00:00 2001
From: Yukino Song <nutosservice@gmail.com>
Date: Wed, 28 May 2025 03:47:29 +0800
Subject: [PATCH] Fix WebUI

---
 src/confighttp.cpp                       |  2 +-
 src_assets/common/assets/web/config.html | 16 ++++++++++++++--
 src_assets/common/assets/web/login.html  |  2 +-
 3 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/src/confighttp.cpp b/src/confighttp.cpp
index 3121818b..b7c282e0 100644
--- a/src/confighttp.cpp
+++ b/src/confighttp.cpp
@@ -1387,7 +1387,7 @@ namespace confighttp {
       sessionCookie = util::hex(crypto::hash(sessionCookieRaw + config::sunshine.salt)).to_string();
       cookie_creation_time = std::chrono::steady_clock::now();
       const SimpleWeb::CaseInsensitiveMultimap headers {
-        { "Set-Cookie", "auth=" + sessionCookieRaw + "; Secure; Max-Age=2592000; Path=/" }
+        { "Set-Cookie", "auth=" + sessionCookieRaw + "; Secure; SameSite=Strict; Max-Age=2592000; Path=/" }
       };
       response->write(headers);
       fg.disable();
diff --git a/src_assets/common/assets/web/config.html b/src_assets/common/assets/web/config.html
index 63a94c03..bc495e16 100644
--- a/src_assets/common/assets/web/config.html
+++ b/src_assets/common/assets/web/config.html
@@ -379,8 +379,20 @@
             });
           });
 
-          this.global_prep_cmd = this.config.global_prep_cmd;
-          this.server_cmd = this.config.server_cmd;
+          if (this.platform === 'windows') {
+            this.global_prep_cmd = this.config.global_prep_cmd.map((i) => {
+              i.elevated = !!i.elevated
+              return i
+            });
+            this.server_cmd = this.config.server_cmd.map((i) => {
+              i.elevated = !!i.elevated
+              return i
+            });
+          } else {
+            this.global_prep_cmd = this.config.global_prep_cmd;
+            this.server_cmd = this.config.server_cmd;
+          }
+
         });
     },
     methods: {
diff --git a/src_assets/common/assets/web/login.html b/src_assets/common/assets/web/login.html
index 39a15247..1749dc45 100644
--- a/src_assets/common/assets/web/login.html
+++ b/src_assets/common/assets/web/login.html
@@ -101,7 +101,7 @@
             const url = new URL(window.location);
             const redirectUrl = url.searchParams.get('redir');
             const hash = url.hash;
-            if (redirectUrl) {
+            if (redirectUrl && redirectUrl.startsWith('.')) {
               location.href = redirectUrl + hash;
             } else {
               location.href = './' + hash;