HTTP input plugin - how to avoid Logstash to pass through preflight OPTIONS to Elasticsearch

Hello,

I have web application who is using JQuery Ajax to POST event data of JSON format to Logstash's HTTP input. Here is the snippet of Ajax call.

            $.ajax({
                url: logstashUrl,
                method: 'POST',
                dataType: 'json',
                contentType: 'application/json',
                data: JSON.stringify(eventBody),
                success: function() {},
                error: function() {}
             });

Logstash then forwards the JSON data to Elasticsearch. Here is the Logstash configuration file:

    input {
       http {
          host => "127.0.0.1" # default: 0.0.0.0
          port => 8080 # default: 8080
          response_headers => {
                "Access-Control-Allow-Origin" => "*"
                "Content-Type" => "text/plain"
                "Access-Control-Allow-Headers" => "Origin, X-Requested-With, Content-Type, Accept"
         }
     }
  }
  output {
      elasticsearch {
           hosts => [ "localhost:9200" ]
      }
  }

CORS is enabled in Logstash server side for the cross origin communication. We checked different type of browsers and found in Chrome version 68, there is preflight OPTIONS request sent to Logstash before every POST request and somehow passthrough to Elasticsearch, which is not expected.

I made some research and believe it is inevitable to have browser client send preflight to server when across different origin, and one walk-around is to set up "Access-Control-Max-Age" so that response from server can be cached. However it seems not working for me when add "Access-Control-Max-Age" => 1728000 to input http response header in config file.

Anyone can help?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.