Captive Portal CORS problem



  • Hello,
    My issue is as follow,
    I have a Captive Portal configured on one interface and it operates over HTTPS. The authentication method is Radius MAC, it checks the radius server first and then loads the Authentication Error page. That page has nothing inside but redirection to my external login page, where i am doing all my logic and updating the radius database. Right after that i am trying to call the $PORTAL_ACTION$ that i stored during the redirection to re-authenticate the device, but that can not be done because the script on my page returns an error saying that request was blocked by CORS policy because the resource does not return the "Access-Control-Allow-Origin" header. I tried to debug that issue by sending the OPTION request to $PORTAL_ACTION$ using cURL to see what it actually returns, but the response is 405 indicating that pre-flight requests can not be done. Any suggestion to make that cross-origin call?
    Thanks.



  • You need to create a custom Auth error page with the appropriate Access-Control-Allow-Origin header,

    see https://enable-cors.org/server_php.html


Log in to reply