Hi, I'm using the app-search node js client library in my web application. I'm able to index, and search for documents but when I try to destroy them I receive the following error:
Access to fetch at '{redacted}/documents' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Hey @terell, the correct way to hit the index or delete endpoints from a browser is to set up your own server side endpoints which then call index or delete. This will solve your CORS issue, and also alleviate 2 other issues:
You should probably not be using the App Search node client in browser based JavaScript. We have a JavaScript client which is intended for browser usage: https://github.com/elastic/app-search-javascript.
The index and delete endpoints require a Private Key, which you would not want to expose in browser JavaScript. The only key which is considered safe to expose is the Search Key.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.