Yún Rev.2 - http://arduino.local/data/get - edited

Official Hardware Classic Yún
1

Hi,
I'm playing with this new Yún Rev.2. I've followed the instruction https://www.arduino.cc/en/Tutorial/ExpandingYunDiskSpace to copy the Linux onto a SD card splitted with a FAT32 partition:OK. I've also installed PHP7:OK. Now I test the reading of some variables: partially OK.

My sketch copies some variables to the Linux side with Bridge.put(): OK.
When I get the data with the url http://arduino.local/data/get , I first receive a WWW-Authenticate: Basic realm="arduino". I answer with a basic auth "root"/"arduino" and then I receive a redirect response with a Set-Cookie: sysauth=cda6c17a76860aa1edcb699ce0cb64f7; path=/cgi-bin/luci/
I answer with the cookie on the the redirected link and finally I receive the expected answer.

Example collected with WFetch1.3:

started....
WWWConnect::Close("arduino.local","80")\n
closed source port: 54914\r\n
WWWConnect::Connect("arduino.local","80")\n
IP = "[fe80::aa40:41ff:fe11:8d38%19]:80"\nsource port: 54922\r\n
REQUEST: **************\n
GET /data/get HTTP/1.1\r\n
Host: arduino.local\r\n
Accept: /\r\n
Connection: Keep-Alive\r\n
\r\n
RESPONSE: **************\n
HTTP/1.1 401 OK\r\n
Connection: Keep-Alive\r\n
Transfer-Encoding: chunked\r\n
Keep-Alive: timeout=20\r\n
WWW-Authenticate: Basic realm="arduino"\r\n
\r\n
finished.
started....
Reusing existing connection (source port 54922)\n
REQUEST: **************\nGET /data/get HTTP/1.1\r\n
Host: arduino.local\r\n
Accept: /\r\n
Connection: Keep-Alive\r\n
Authorization: Basic cm9vdDphcmR1aW5v\r\n
\r\n
RESPONSE: **************\n
HTTP/1.1 302 Found\r\n
Connection: Keep-Alive\r\n
Transfer-Encoding: chunked\r\n
Keep-Alive: timeout=20\r\n
Set-Cookie: sysauth=cda6c17a76860aa1edcb699ce0cb64f7; path=/cgi-bin/luci/\r\n
Location: /cgi-bin/luci/data/get\r\n
\r\n
finished.
started....
WWWConnect::Close("arduino.local","80")\n
closed source port: 54922\r\n
WWWConnect::Connect("arduino.local","80")\n
IP = "[fe80::aa40:41ff:fe11:8d38%19]:80"\nsource port: 54927\r\n
REQUEST: **************\n
GET /cgi-bin/luci/data/get HTTP/1.1\r\n
Cookie: sysauth=cda6c17a76860aa1edcb699ce0cb64f7; path=/cgi-bin/luci/\r\n
Host: arduino.local\r\n
Accept: /\r\n
Connection: Keep-Alive\r\n
Authorization: Basic cm9vdDphcmR1aW5v\r\n
\r\n
RESPONSE: **************\n
HTTP/1.1 200 OK\r\n
Connection: Keep-Alive\r\n
Transfer-Encoding: chunked\r\n
Keep-Alive: timeout=20\r\n
Content-Type: application/json\r\n
Cache-Control: no-cache\r\n
Expires: 0\r\n
\r\n
{"value":{"log":"343,1534252380,2018-08-14,15:13:00,+02:00,0001,10000001,0000 0000 0000,-,-"},"response":"get"}
finished.

Can somebody explain these undocumented authentication and redirection?