Authorization Exception in only Chrome and Safari when using Elasticsearch 2.3.0

If you just upgraded to Elasticsearch 2.3.0 and are now getting fatal "Authorization Exception" errors when you try to access Kibana in Chrome or Safari, you can likely fix the issue with a quick configuration change.

If you have http.cors.enabled set in your elasticsearch configuration for Kibana's sake, remove it. This configuration is no longer necessary in Kibana 4.

If you require http.cors.enabled in your elasticsearch config for some other reason, then as of ES 2.3.0, you must also set http.cors.allow-origin: https://www.elastic.co/guide/en/elasticsearch/reference/2.3/breaking_20_setting_changes.html#_cors_allowed_origins

The github issue for this is https://github.com/elastic/kibana/issues/6719

I should note: if you don't have http.cors.enabled in your elasticsearch config and are still getting authorization errors, then you are almost certainly encountering a different issue entirely. I recommend posting a separate thread in that case rather than replying to this one.