I have noticed a number of posts about this, however nothing really up-to-date.
What I am attempting to do is access the PRTG API from a client script (JavaScript) within a basic HTML5 website. This is however hampered by HTTP access control (CORS). Specifically the absence of the following response headers:
- Access-Control-Allow-Origin
- Access-Control-Allow-Methods
- Access-Control-Allow-Header
Is there a way, either via the web interface or via manually editing a config file on the PRTG server to add custom response headers to PRTG?
This would allow users to add the necessary response headers and enable CORS for their PRTG instance, thus allowing cross origin resource sharing.
The other possibility that has been previously raised is to use JSONP. However this is not truly viable due to strict MIME type checking in Google Chrome.
Refused to execute script from 'https://...' because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled.
JSONP seems to work Ok in Firefox 35.0.1 but is buggy in IE 11.0.19 and fails in Google Chrome 43.0.2357.71
At the moment the only option I am left with is writing my own custom web api proxy, which while totally achievable somewhat time consuming...
What would potentially be useful for a future version of PRTG would be the ability to add/remove customer response headers from the System Administration area.
Article Comments
This is disappointing to hear, as I think I am encountering the same issue. I have some js hosted on a webserver, and when I run the code from any other machine I am getting:
XMLHttpRequest cannot load /api/table.json?content=device&columns=o…stvalue&filter_tags=associations,freq&username=*&passhash=*. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '(my website)' is therefore not allowed access.
So does this mean the API can only be run on the machine that is executing the script?
Jul, 2015 - Permalink
Another request: https://helpdesk.paessler.com/en/support/solutions/articles/760000635118603-how-to-configure-allow-access-control-origin-in-prtg-api-response-headers
Sep, 2015 - Permalink
Please see this article for how to set the value for the Access-Control-Allow-Origin HTTP response header with a registry key option. You can use this feature as of PRTG version 15.x.20.
Sep, 2015 - Permalink
Hello,
Thank you very much for your feedback. This is not possible / planned right now. We will put it on the wish list, and see if there are further requests from other PRTG users.
best regards
Jun, 2015 - Permalink