I just upgraded my local environment from ES 2.2 to ES 2.3 and I started getting this error (using searchkit):
XMLHttpRequest cannot load http://localhost:9200/corpus/_search. Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response.
It's reproducible by simply making a jQuery.get() on the url.
I do have the same http settings in config/elasticsearch.yml as in 2.2 instance:
http.cors.enabled: true
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length
http.cors.allow-origin: "*"
Reverting back to 2.2 instance fixes the error. Any ideas why ES 2.3 has this issue?