To implement Cross-Origin Resource Sharing (CORS) on OpenWRT within Luci
is actually simple.
After very long search, I have found code in uHTTPd
on gitlab, which clearly shows option for CORS
. I haven't found anything, which would describe how to actually configure it.
There is nothing in uHTTPd documentation describing this functionally, /etc/config/uhttpd
does not mention anything either.
Luckily, you can have a look into how the process is starting and what parameters is checking.
doing
cat /etc/init.d/uhttpd | grep cors
append_bool "$cfg" ubus_cors "-X" 0
I have found configuration parameter, which I can set in /etc/config/uhttpd
This means, I can append another option to my configuration file.
config uhttpd 'main'
option ubus_cors '1'
The Response Headers would changed to
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=20
Access-Control-Allow-Origin: http://localhost:8081
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
longer version would include
look into uhttpd main.c code
[https://github.com/mmaraya/uhttpd2/blob/master/main.c]
and check for function, which is checking the supplied parameters.
snippet from that section
#ifdef HAVE_UBUS
" -u string URL prefix for UBUS via JSON-RPC handler\n"
" -U file Override ubus socket path\n"
" -a Do not authenticate JSON-RPC requests against UBUS session api\n"
" -X Enable CORS HTTP headers on JSON-RPC api\n"
You can see that I need to run uhttpd
with opton -X
to enable CORS.
from here I searched in runtime for checking parameters.
Hi, I've gone down quite the rabbit hole trying to enable CORS for CGI. I'm trying to enable access to my modem via an iframe (inside Organizr), which requires X-Frame-Options to be set to ALLOW or Access-Control-Allow-Origin to be set to "*". Just commenting here since it was the most closely related resource I could find. Maybe one day someone else will stumble upon this and provide an answer.