CORS issue in Elastic Search

Priyanka_Kharote · March 26, 2016, 5:55am

I am consuming Elastic Search Web-service. But I receive
XMLHttpRequest cannot load http://<IP>:9200/providers3/provider3/_search. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin "http://localhost:8085" is therefore not allowed access.

When I put below settings in elasticsearch.yml file

http.cors.enabled : true
http.cors.allow-origin: "*"
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"

then Elastic search server fails to start.
Your help would be appreciated.

Thanks.

dadoonet · March 26, 2016, 6:13am

Be cautious with yml format.

For example, I think that http.cors.enabled : true won't work but http.cors.enabled: true should.

HTH

Priyanka_Kharote · March 26, 2016, 6:33am

Did changes as you suggested. Now server starting with no errors but CORS issue still exists.

Priyanka_Kharote · March 26, 2016, 12:48pm

Resolved above issue. As @dadoonet suggested yml formatting, there was a space issue.
Below lines are correct, just give a single space before them and CORS issue is solved.

http.cors.enabled : true
http.cors.allow-origin: "*"
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : "X-Requested-With,X-Auth-Token,Content-Type, Content-Length, Authorization"

Anyone facing same issue can try this.

Thanks

system · July 5, 2017, 11:04pm