I'm trying to set up a local Elasticsearch instance for development purposes. So I started with a basic docker-compose.yml file:
services: elasticsearch: image: elasticsearch:8.7.1 ports: - 9200:9200 environment: discovery.type: single-node # Runs as a single-node ES_JAVA_OPTS: '-Xms256m -Xmx256m' network.bind_host: 0.0.0.0 xpack.security.enabled: 'false' volumes: # Stores elasticsearch data locally on the esdata Docker volume - esdata:/usr/share/elasticsearch/data networks: - internal - elastic # Define the Docker volume named esdata for the Elasticsearch container. volumes: esdata: # Networks to use networks: elastic: external: true internal: driver: bridge
This works fine, in order to test a WordPress plugin that uses Elasticsearch. However, Now I need to avoid CORS related errors, so I tried to add parameters to the environment:
http.cors.enabled: 'true' http.cors.allow-origin: "*" http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE http.cors.allow-headers: X-Requested-With, X-Auth-Token, Content-Type, Content-Length, Authorization, Access-Control-Allow-Headers, Accept http.cors.allow-credentials: 'true'
This doesn't work. The Elasticsearch refuses connections after applying the changes.
So, what I need is to have the same minimal security but allowing at the same time CORS request from anywhere.
Your suggestions will be greatly appreciated.