Enable cors in a kibana api in a docker container

Hey guys, I created a docker container with kibana, and I'm trying to access the kibana api from another origin/host through JS, but the api raises an error, because the cors is not enabled.

The error:

My kibana.yml:

---
## Default Kibana configuration from kibana-docker.
## https://github.com/elastic/kibana-docker/blob/master/.tedi/template/kibana.yml.j2
#
server.name: kibana
server.host: "0"
elasticsearch.hosts: [ "http://elasticsearch:9200" ]
xpack.monitoring.ui.container.elasticsearch.enabled: true

## X-Pack security credentials
#
elasticsearch.username: elastic
elasticsearch.password: changeme

## enable cors
server.cors: true
server.cors.origin: ["*"]

My js request:

$.ajax({
  method: "POST",
  url: "http://localhost:5601/api/security/v1/login",
  dataType: "json",
  headers: {
      "kbn-xsrf": "7.3.0",
      'Content-Type': 'application/json'},
  data: JSON.stringify({
    "username": 'elastic',
    "password": 'changeme'
  }),
  success: function (success) {
    console.log("opa deu certo");
  },
  error: function (error) { console.log("error login kibana"); }
});

docker-compose.yml

kibana:
  image: docker.elastic.co/kibana/kibana:7.3.0
  container_name: kibana
  hostname: kibana
  environment:
    - SERVER_NAME=kibana
    - ELASTICSEARCH_URL=http://elasticsearch:9200
    - ELASTICSEARCH_PORT=9200
    - ELASTIC_PWD=changeme
    - KIBANA_PWD=changeme
  volumes:
    - ./kibana/config/kibana.yml:/usr/share/kibana/config/kibana.yml:rw
  ports:
    - "5601:5601"
  links:
    - elasticsearch

I looked at this post, and I tried to make it work, I wasn't successful.

What I have to do, to fix this problem?

@jbudz please thank you!

Hey, cors support is fairly limited right now. There's an open issue at https://github.com/elastic/kibana/issues/16714. Settings CORS to true will enable support for GET requests, but to get around this you'll likely need a reverse proxy

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.