OriginURI cookie script in index.html

4
Our index.html (just as the index.html for a new Mendix project) contains the following bit of JavaScript:

<script> if (!document.cookie || !document.cookie.match(/(^|;)originURI=/gi)) document.cookie = "originURI=/login.html"; </script>

I am trying to understand what this does exactly. Where is this magic /gi value coming from? And where is the originURI cookie being set? What is this supposed to do at all? The reason I am asking this question is twofold. Firstly, I want to understand how this works. Secondly, a security scan for our project flagged this script as a potential issue, so I would like to be able to explain what it does and why we need it (if we actually do).
asked
3 answers
4

See Johan's answer for an explanation of the regular expression.

What this script basically does is it sets the 'originURI' cookie to '/login.html' if the cookie is not yet set. This cookie is used by the client to decide whether it should navigate to a custom login page when the user signs out. If the 'originURI' cookie is set, it will navigate to that page. If the cookie is not set it will show the default login form.

This cookie is usually set on the login page itself to make it possible to use multiple login pages. The client then uses this cookie to redirect users to the correct login page when they sign out.

I think the reason this script is inside the default index page is that it is needed to make single sign-on work in the cloud. If you don't use single sign-on you can safely remove this script. You will then use the default login form instead of login.html.

answered
3

The match is a regular expression. The g and i are flags which change the behaviour of the regular expression. The g refers to global, meaning it will match all occurrences. The i means that it's case insensitive.

The cookie is used by single sign-on. The originUri points to the login page, so that we can redirect you automatically.

answered
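To make the two answers above concrete, here is an added example (not Mendix's code, and not from either answer) that lifts the regular expression out of the index.html snippet into plain functions so its behaviour can be exercised on constructed cookie strings outside a browser. originUriPresent is the snippet's own test; snippetWouldSet returns what the snippet would assign; getCookie is an assumed name-based helper added for comparison, since browsers serialise document.cookie as "name=value; name=value" with a space after each semicolon.

```javascript
// The exact pattern from the index.html snippet: anchored at the start of the
// string or directly after a ';', case-insensitive (i), all occurrences (g).
const ORIGIN_URI_RE = /(^|;)originURI=/gi;

// Mirrors the snippet's condition on a cookie string instead of document.cookie.
// String.prototype.match with a /g regex returns an array of matches or null,
// so Boolean() turns it into the presence check the snippet relies on.
function originUriPresent(cookieString) {
  return Boolean(cookieString && cookieString.match(ORIGIN_URI_RE));
}

// What the snippet would write to document.cookie, or null when it does nothing.
function snippetWouldSet(cookieString) {
  return originUriPresent(cookieString) ? null : "originURI=/login.html";
}

// Assumed helper (not in the snippet): look a cookie up by name, splitting on
// the "; " separator a browser actually uses when it serialises document.cookie.
function getCookie(cookieString, name) {
  for (const part of cookieString.split("; ")) {
    const eq = part.indexOf("=");
    if (eq > 0 && part.slice(0, eq) === name) {
      return decodeURIComponent(part.slice(eq + 1));
    }
  }
  return null;
}

// Constructed inputs showing the difference between the two checks.
const EMPTY = "";
const FIRST = "originURI=/login.html";
const UPPER = "ORIGINURI=/sso.html";            // matched because of the i flag
const TIGHT = "session=abc;originURI=/sso.html"; // ';' directly before the name
const SPACED = "session=abc; originURI=/sso.html"; // browser-style "; " separator
```

Note that with the browser-style "; " separator the snippet's regex does not see originURI unless it is the first cookie, while the name-based lookup finds it in either position.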
1

Thanks for your clarification Johan. That makes sense. This still leaves the question why this script is needed at all.

answered