Fix Nginx Lua Bug with ngx.header["Set-Cookie"] function for some reason it only allows one instance of this header to be defined in a script. So to fix the issue I define the header once and only once in the entire script right at the end and set a variable that can be dynamic in setting multiple cookies.
Add cors headers and include XMLHTTPREQUEST with credentials tag and remove domain tag from set-cookie to fix issue with Google Chrome. Still broken in Microsoft Edge !?
Added Feature built in my method to encrypt and obfuscate Javascript outputs. (I am very proud of this!)
Bug fix: incase certain browsers lack in permissions to set cookies with javascript on the initital header request we will give them their cookie they still need javascript enabled to solve the authentication puzzle that will always be mandatory!
Added X-Requested-* headers for the next feature i am building in
Move current time variable out of configuration area.
Create currentdate variable to stop calling os.date() and os.time() multiple un-needed times.
Fix bug now the auth page only shows when the expire_time config value is set and around the time before if you had set a time greater than one day every 24 hours you would recieve the auth page even if your cookies are valid this expire_time checks solves that problem.
Add new security feature to make the cookies we set encrypted, unpredictable, dynamic and unique to each user/client to increase our security from content scrappers bots leechers etc. Where as before they could monitor static cookie names this prevents that.
Add new security feature to make the header we sent our Javascript answer from the browser over unpredictable and dynamic to increase our security from content scrappers bots leechers etc.
Remove Search Engines from the Browsers Javascript Checking (This will allow search engines to crawl still like Google because they can execute Javascript)
Fix expire_time description to show correct default time of 1 day.
Fix cookie bug when Javascript was setting a cookie it was setting a cookie of 'now' instead of the set config of expire_time into the future when the cookie should expire.
Added the challenge cookie to the headers set by grant_access function to update the cookie set by Javascript since the time stamp on the cookie would be out of sync with the other cookies otherwise this was all cookies will be updated and set/kept with the same time stamps.
