Call External REST API from Kibana Plugin

tamisalex · December 6, 2017, 4:27pm

My question is very similar to this thread: How to call external web service from Kibana Plugin?

However, I don't have control over this api so I cant change what headers/origin it accepts. The external REST api accepts all origins. However, the cors preflight check when I try an ajax call fails because kbn-version is in access-control-request-header.

Actual Error:
request header field kbn-version is not allowed by Access-Control-Allow-Headers in preflight response.

Is there a way I can remove this header when I make an ajax call from my plugin's controller.js

Thanks,

Alex

tamisalex · December 6, 2017, 4:34pm

API Call

$.ajax({
url: 'https://en.wikipedia.org/api/rest_v1/page/summary/Supercapacitor?redirect=true'
}).then(function (data) {
$scope.title = data.title;
$scope.summary = data.extract_html;
$element.trigger('renderComplete');
});

Request Headers

:authority:en.wikipedia.org
:method:OPTIONS
:path:/api/rest_v1/page/summary/Supercapacitor?redirect=true
:scheme:https
accept:/
accept-encoding:gzip, deflate, br
accept-language:en-US,en;q=0.9
access-control-request-headers:kbn-version
access-control-request-method:GET
origin:http://10.108.21.121:5601
user-agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/62.0.3202.94 Chrome/62.0.3202.94 Safari/537.36

tamisalex · December 6, 2017, 4:35pm

I accidently placed this in the X-Pack section, please let me know if I should report in Kibana section.

tsullivan · December 6, 2017, 8:30pm

Adding a kbnXsrfToken flag to the options of the HTTP call should do the trick.

If you were to use the Angular $http service (for no reason other than I personally see it more often), it would look like:

uiModule.controller('myView', ($injector, $scope) => {
  const $http = $injector.get('$http');
  const options = {
    method: 'GET',
    url: 'https://en.wikipedia.org/api/rest_v1/page/summary/Supercapacitor?redirect=true',
    kbnXsrfToken: false,
  };

  $http(options).then(result => {
    $scope.resultData = result.data;
  });
});

tamisalex · December 7, 2017, 5:08pm

Thanks @tsullivan! It worked brilliantly.

system · January 4, 2018, 5:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Request header field kbn-version is not allowed by Access-Control-Allow-Headers in preflight response Errror when doing Rest Call in Kibana Plugin Kibana	3	1674	July 6, 2017
Kibana XMLHttpRequest cannot load header Kibana	4	1626	July 6, 2017
[Plugin visualization] CORS policy error message with ElasticsearchJS Kibana	2	1141	March 12, 2019
CORS policy error message with ElasticsearchJS (Kibana plugin visualization) Elasticsearch	2	353	March 12, 2019
Authenticate on Kibana 6.0.0 with a post Kibana	7	2347	January 3, 2018

Call External REST API from Kibana Plugin

Related Topics