Hotspot login by posting to login.html

Hi.

I’m trying to login hotspot users by issuing an ajax call to eg. http://10.5.50.1/login.
From chrome browser, I’m receiving “No ‘Access-Control-Allow-Origin’ header is present..”, however, the user is actually logged in successfully.
When trying with curl, eg:

curl -L -X post -d '{"username": "test", "password": "12345"}' "http://10.50.5.1/login"

the response is “Error 400: can’t read POST data”.

My ajax call looks something like this:

$.ajax({url: 'http://10.5.50.1/login',                                
    type: 'POST',                                                          
    data: {                                                                
        username: "test",                                           
        password: "12345",                                           
        dst: "http://someurl"
})

I’m using ROSv 6.11. Any ideas on how I could either add an Access-Control-Allow-Origin header, or get a sensible response when posting?

If you made usable on server profile / login the HTTP CHAP
the password is not only plaintext data, is MD5 coded

password posted to HotSpot = hexMD5(‘$(chap-id)’ + document.login.password.value + ‘$(chap-challenge)’);

$.ajax({url: '> http://10.5.50.1/login> ',
type: ‘POST’,
data: {
username: “test”,
password: > hexMD5( chap-id + > “12345” > + chap-challenge )> ,
dst: "> http://www.google.com> ",
popup: “no”,
submit: “OK”
})

I’m using HTTP PAP, and the login actually works. I’m given internet access after doing the post request.
However, I’m not getting a sensible response when doing the request, probably because I’m doing an XHR request,
and the mikrotik has not set Access-Control-Allow-Origin header.

I have tried adding

$(if http-header == Access-Control-Allow-Origin)*$(endif)

to login.html, but still no luck. It seems that if I curl that login.html, the access header is set correctly, but not when doing a HTTP post.

have you tried with get method instead of post method?