Config cors setting not working?

I setup a standalone elasticsearch using docker image(elasticsearch:alpine)
Try to enable cors setting in /usr/share/elasticsearch/config/elasticsearch.yml

http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"

then restart this container.
curl --head http://localhost:9200, the result is

HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
content-length: 327

No CORS header, is it right?

CORS is a two-way process. The client sends particular CORS-related headers, and then the server responds appropriately. Unless you tell curl to set those request headers, you won't see anything in the response.

If you add the Origin header to your request, you should see what you're looking for:

$ curl --head http://localhost:9200 -H 'Origin:'

HTTP/1.1 200 OK
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
content-length: 326

Thanks. my negligenc...

Thanks a lot...That helped me.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.