ElasticSearch Access-Control-Allow-Headers 标头不存在

Question

ElasticSearch Access-Control-Allow-Headers 标头不存在

use*_*342 5 javascript ajax rest cors elasticsearch

我正在从本地 https 服务器向 ElasticSearch 端点发出 POST 请求，该端点配置如下

http.cors.enabled: true
http.cors.allow-credentials: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: X-Requested-With, X-Auth-Token, Content-Type, Content-Length, Authorization, Access-Control-Allow-Headers, Accept

Run Code Online (Sandbox Code Playgroud)

该请求具有标头：

Access-Control-Allow-Headers: Accept, Access-Control-Allow-Headers, Authorization, Content-Type
Content-Type: application/json; charset=utf-8
Accept: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Authorization: (basic authentication token)

Run Code Online (Sandbox Code Playgroud)

在 POST 请求中，出现以下错误： Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response.

网络调试器确实显示Access-Control-Allow-Headers响应标头中不存在标头。响应头：

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://dl.dropboxusercontent.com
Vary: Origin
Access-Control-Allow-Methods: 
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
content-length: 0
date: Fri, 29 Apr 2016 14:08:14 GMT

Run Code Online (Sandbox Code Playgroud)

请注意，Access-Control-Allow-Headers不存在且Access-Control-Allow-Methods为空白。所有可能的字符串格式都已经过测试，这些标题不会出现。

Answer 1

小智 3

您应该在您的中添加以下标志elasticsearch.yml：

http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length

Run Code Online (Sandbox Code Playgroud)

然后重新启动es，享受吧！

归档时间：	9 年，8 月前
查看次数：	2617 次
最近记录：	4 年，11 月前