Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

ElasticSearch Access-Control-Allow-Headers header is not present

Tags:

rest

javascript

ajax

cors

elasticsearch

I am making a POST request from a local https server to an ElasticSearch endpoint which has been configured as follows

http.cors.enabled: true
http.cors.allow-credentials: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: X-Requested-With, X-Auth-Token, Content-Type, Content-Length, Authorization, Access-Control-Allow-Headers, Accept

The request has headers:

Access-Control-Allow-Headers: Accept, Access-Control-Allow-Headers, Authorization, Content-Type
Content-Type: application/json; charset=utf-8
Accept: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Authorization: (basic authentication token)

On a POST request, the following error appears: Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response.

The network debugger indeed shows that the Access-Control-Allow-Headers header is not present in the response header. The response header:

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://dl.dropboxusercontent.com
Vary: Origin
Access-Control-Allow-Methods: 
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
content-length: 0
date: Fri, 29 Apr 2016 14:08:14 GMT

Note that Access-Control-Allow-Headers is not present and Access-Control-Allow-Methods is blank. All possible string formats have been tested, and these headers do not appear.

like image 479
user4815162342 Avatar asked Oct 19 '22 10:10

user4815162342

2 Answers

You should add following signs to your elasticsearch.yml:

http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length

and then restart the es, enjoy!

like image 174
Kevin Avatar answered Oct 21 '22 04:10

Kevin

I finally solved the problem with these config lines in elasticsearch.yml:

http.cors.enabled: true
http.cors.allow-origin: /https?:\/\/(localhost)?(127.0.0.1)?(:[0-9]+)?/
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length
like image 27
WooodHead Avatar answered Oct 21 '22 05:10

WooodHead
Sign in to Comment

Related questions

Do a mouse wheel in protractor
React/Redux State is empty on second action call
HTML space format affecting JavaScript/CSS
Why not allowed using success in jquery datatable server side processing ajax?
Google Line Chart: dashed section
How to loop through a .txt file and get the values in javascript
How to list all file name from a folder using angular js
How to split array dynamically based on single value in JavaScript Node.js
javascript dispatchEvent Keypress, returns true , but input field is still empty
Fetching information from nested JSON based on unique fields using AngularJS
Object doesn't support property or method 'jscomp_symbol_iterator0'
What is the correct way to listen to nested changes using Firebase?
React Native - hyphenation
recursive setTimeout pattern
ZingChart - How to keep zoom level when appending values in Real Time feed
"Return" content when closing toggle
Angular 9: How show with a HttpInterceptor the stacktrace of a request?
Error: Failed to instantiate module restangular due to: '_' is undefined
three.js 2D Text sprite labels
Create unique colors using javascript

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!