Hi, we are calling the elasticsearch (2.3.3.) from javascript code, using http methods. What in the headers do we need to set in the http request to get rid of the following error:
Request header content-type was not present in the Access-Control-Allow-Headers list.
Any help is appreciated, struggling with this issue since some time now.
What value(s) do you have set for http.cors.allow-headers in your elasticsearch.yml file? And what headers are sending in your CORS request?
I had added the following in the .yml file:
http.cors.enabled : true
http.cors.allow-origin : "*"
The issue got resolved when we set the 'Content-Type': 'text/plain', earlier it was set to 'application/json' because of which it was not passing the preflight check i guess. Let me know if my understanding is correct. Thanks.
Correct, application/json is not an allowed Content-Type for CORS requests, see: http://www.w3.org/TR/cors/#simple-header for the allowed Content-Type values for CORS
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.