Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Portal CORS problem

    Scheduled Pinned Locked Moved
    Captive Portal
    2
    3
    672
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      alexs20
      last edited by

      Hello,
      My issue is as follow,
      I have a Captive Portal configured on one interface and it operates over HTTPS. The authentication method is Radius MAC, it checks the radius server first and then loads the Authentication Error page. That page has nothing inside but redirection to my external login page, where i am doing all my logic and updating the radius database. Right after that i am trying to call the $PORTAL_ACTION$ that i stored during the redirection to re-authenticate the device, but that can not be done because the script on my page returns an error saying that request was blocked by CORS policy because the resource does not return the "Access-Control-Allow-Origin" header. I tried to debug that issue by sending the OPTION request to $PORTAL_ACTION$ using cURL to see what it actually returns, but the response is 405 indicating that pre-flight requests can not be done. Any suggestion to make that cross-origin call?
      Thanks.

      1 Reply Last reply Reply Quote 0
      • viktor_gV
        viktor_g Netgate
        last edited by

        You need to create a custom Auth error page with the appropriate Access-Control-Allow-Origin header,

        see https://enable-cors.org/server_php.html

        A 1 Reply Last reply Reply Quote 0
        • A
          alexs20 @viktor_g
          last edited by

          @viktor_g Why you are talking about custom error page while the CORS issue with PORTAL_ACTION URL?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post