hzhang b9cbb7e895 fix: change control page routes from gateway to plugin auth ...

auth: "gateway" requires Bearer token in Authorization header,
which browser direct navigation never sends (no session cookies).
auth: "plugin" allows unauthenticated access on loopback, which
is sufficient since gateway is bound to 127.0.0.1 only.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-04-09 01:15:29 +01:00

13 KiB

Raw Blame History

View Raw