Dev Tools - user-agent Header Missing

nickkd · April 30, 2024, 7:34pm

Hey!

Hopefully this isn't an entirely strange question - we're running into an issue when using the console in the dev-tools of Kibana 8.11 where it looks like when Kibana sends the query to Elasticsearch, the ALB isn't seeing any user-agent in the header and so the traffic is being dropped at the ALB (due to a Web Application Firewall).

I just was curious if this is by design, or if we're missing something entirely and Kibana does set (or uses the user-agent value from the browser) when it's proxing it's call to Elasticsearch.

Everything else in Kibana works fine - Discover, Index Management, etc - it only appears that the dev console isn't sending the user-agent string. Or potentially something else is dropping it along the way, which wouldn't be a problem for Kibana itself but the logs in the ALB seem to suggest it isn't there either.

Thanks!!

Nick

bhavyarm · May 6, 2024, 10:36pm

@Yulia_Cech can this user get some help? Thanks!

Yulia_Cech · May 7, 2024, 11:51am

Hey @nickkd,

I think you need to add the header you want to keep to the config elasticsearch.requestHeadersWhitelist (docs), otherwise the headers are filtered out when sending a request via dev tools console (see this file).

Hope that helps!

Yulia

nickkd · May 7, 2024, 1:02pm

@Yulia_Cech

In my config file, that setting is currently commented out so I did try to uncomment it and set it this way:

# List of Kibana client-side headers to send to Elasticsearch. To send *no* client-side
# headers, set this value to [] (an empty list).
elasticsearch.requestHeadersWhitelist: [ 'authorization', 'user-agent' ]

Unfortunately in the journalctl logs for kibana.service, I'm seeing this as an error. It appears we cannot set 'user-agent' as a whitelisted header?

May 07 12:59:30 ip-1-2-3-4 kibana[54570]:  FATAL  Error: [config validation of [elasticsearch].requestHeadersWhitelist]: types that failed validation:
May 07 12:59:30 ip-1-2-3-4 kibana[54570]: - [config validation of [elasticsearch].requestHeadersWhitelist.0]: expected value of type [string] but got [Array]
May 07 12:59:30 ip-1-2-3-4 kibana[54570]: - [config validation of [elasticsearch].requestHeadersWhitelist.1]: cannot use reserved headers: [user-agent]

This is on Kibana 8.11.4 of Kibana.

Yulia_Cech · May 10, 2024, 4:52pm

Hi @nickkd, I found out that the header "user-agent" can't be added to this config and your use case might be a bug in the Console proxy implementation. I opened an issue to track this, please feel free to follow it for updates and if you wish, you can also comment more details on it.