Possibility to add CORS domains permanently

Hello,

I am using PiHole API with another service. To use it I need to access the API with a specific URL, where PiHole returns me that there are problems with CORS. [I have no idea what Cors is or how it works].

However, if I add the domain I want to access the API from here, everything works fine:
var/www/html/pihole/scripts/pihole/php/auth.php

...
function check_cors()
{
    $ip = $_SERVER['SERVER_ADDR'];

    // Check CORS
    $AUTHORIZED_HOSTNAMES = array(
        $ip,
        str_replace(array('[', ']'), array('', ''), $_SERVER['SERVER_NAME']),
        'pi.hole',
        'localhost',
        'HERE MY DOMAIN',
    );
...

Unfortunately this resets after every update. Could you make it possible to enter a domain there permanently, so that I don't have to re-enter it after each update?

If you'd read that code further, you should see that you could populate CORS_HOSTS (and also VIRTUAL_HOST, potentially) environment variables for that purpose.

Okay, but I don't get it. How exactly can I add domains there?

There are several ways to achieve this, e.g. via a custom lighttpd configuration as mentioned in Cannot access api.php Json from localhost or different server, or simply setting CORS_HOSTS for a Pi-hole Docker container.

I think you mean this?


You don't know how I can do this in Apache2, do you? I do not use lighttpd but Apache2

Sorry, I don't.

I'm not very well versed in Apache configurations, but I think you need to set an Environment Variable using SetEnv.

I did it, unfortunately I still need to put the domain in the auth.php file.

I'm unable to test right now, but I think if you set the variable using something like this:

<VirtualHost hostname:80>
   ...
   SetEnv CORS_HOSTS desired.domain.name
   ...
</VirtualHost>

The PHP code should read the value (line 56) and insert it into $AUTHORIZED_HOSTNAMES variable (line 58):

NOTE:
You need to restart apache2 after edit your config.

It works! Thank you very much!

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.