Config cors setting not working?

Gordon_Wang · June 21, 2017, 2:25am

I setup a standalone elasticsearch using docker image(elasticsearch:alpine)
Try to enable cors setting in /usr/share/elasticsearch/config/elasticsearch.yml

http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"

then restart this container.
curl --head http://localhost:9200, the result is

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 327

No CORS header, is it right?

TimV · June 23, 2017, 6:34am

CORS is a two-way process. The client sends particular CORS-related headers, and then the server responds appropriately. Unless you tell curl to set those request headers, you won't see anything in the response.

If you add the Origin header to your request, you should see what you're looking for:

$ curl --head http://localhost:9200 -H 'Origin: http://foo.com'

HTTP/1.1 200 OK
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
content-length: 326

Gordon_Wang · June 26, 2017, 1:39am

Thanks. my negligenc...

Yugansh_Aggarwal · July 7, 2017, 12:53pm

Thanks a lot...That helped me.

system · August 4, 2017, 12:53pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.