New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


PRTG API and CORS: Accessing the API from JavaScript

Votes:

0

Your Vote:

Up

Down

I have noticed a number of posts about this, however nothing really up-to-date.

What I am attempting to do is access the PRTG API from a client script (JavaScript) within a basic HTML5 website. This is however hampered by HTTP access control (CORS). Specifically the absence of the following response headers:

  • Access-Control-Allow-Origin
  • Access-Control-Allow-Methods
  • Access-Control-Allow-Header

Is there a way, either via the web interface or via manually editing a config file on the PRTG server to add custom response headers to PRTG?

This would allow users to add the necessary response headers and enable CORS for their PRTG instance, thus allowing cross origin resource sharing.

The other possibility that has been previously raised is to use JSONP. However this is not truly viable due to strict MIME type checking in Google Chrome. Refused to execute script from 'https://...' because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled. JSONP seems to work Ok in Firefox 35.0.1 but is buggy in IE 11.0.19 and fails in Google Chrome 43.0.2357.71

At the moment the only option I am left with is writing my own custom web api proxy, which while totally achievable somewhat time consuming...

What would potentially be useful for a future version of PRTG would be the ability to add/remove customer response headers from the System Administration area.

api prtg web-api

Created on Jun 10, 2015 1:43:25 AM by  LukeEdwards (0) 1



Best Answer

Accepted Answer

Votes:

0

Your Vote:

Up

Down

Please see this article for how to set the value for the Access-Control-Allow-Origin HTTP response header with a registry key option. You can use this feature as of PRTG version 15.x.20.

Created on Sep 15, 2015 4:08:29 PM by  Gerald Schoch [Paessler Support]

Last change on Sep 15, 2015 4:08:43 PM by  Gerald Schoch [Paessler Support]



4 Replies

Votes:

0

Your Vote:

Up

Down

Hello,

Thank you very much for your feedback. This is not possible / planned right now. We will put it on the wish list, and see if there are further requests from other PRTG users.

best regards

Created on Jun 23, 2015 11:34:26 AM by  Torsten Lindner [Paessler Support]



Votes:

0

Your Vote:

Up

Down

This is disappointing to hear, as I think I am encountering the same issue. I have some js hosted on a webserver, and when I run the code from any other machine I am getting:

XMLHttpRequest cannot load /api/table.json?content=device&columns=o…stvalue&filter_tags=associations,freq&username=*&passhash=*. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '(my website)' is therefore not allowed access.

So does this mean the API can only be run on the machine that is executing the script?

Created on Jul 14, 2015 9:20:40 PM by  kelmore (0) 1




Accepted Answer

Votes:

0

Your Vote:

Up

Down

Please see this article for how to set the value for the Access-Control-Allow-Origin HTTP response header with a registry key option. You can use this feature as of PRTG version 15.x.20.

Created on Sep 15, 2015 4:08:29 PM by  Gerald Schoch [Paessler Support]

Last change on Sep 15, 2015 4:08:43 PM by  Gerald Schoch [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.