Angular 否';访问控制允许原点';请求的资源上存在标头。角弹片
我已经实现了对Kibana API端点的http post请求(Angular),但是我得到了以下错误 在'http://XX.X.X.XXX:XXXX/internal/security/login“起源”http://YY.YY.Y.YYY:YYYY'已被CORS策略阻止:对飞行前请求的响应未通过访问控制检查:请求的资源上不存在'access control Allow Origin'标头。 这是角码Angular 否';访问控制允许原点';请求的资源上存在标头。角弹片,angular,
elasticsearch,cors,http-post,kibana-7,Angular,
elasticsearch,Cors,Http Post,Kibana 7,我已经实现了对Kibana API端点的http post请求(Angular),但是我得到了以下错误 在'http://XX.X.X.XXX:XXXX/internal/security/login“起源”http://YY.YY.Y.YYY:YYYY'已被CORS策略阻止:对飞行前请求的响应未通过访问控制检查:请求的资源上不存在'access control Allow Origin'标头。 这是角码 const headers = new HttpHeaders({ 'Co
const headers = new HttpHeaders({
'Content-Type': 'application/json',
'kbn-version': '7.6.2'});
const body = {
username: 'username1',
password: 'password1'
};
return this.http.post('http://XX.X.X.XXX:XXXX/internal/security/login', body, { headers });
这是elasticsearch.yml的
cluster.name: Cluster
http.port: 9200
network.host: XX.X.X.XXX
node.data: true
node.ingest: false
node.master: true
node.max_local_storage_nodes: 1
node.name: Nodo_1
path.data: C:\Monitoring\elasticsearch\elasticsearch-7.6.2\data
path.logs: C:\Monitoring\elasticsearch\elasticsearch-7.6.2\logs
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: kbn-version, Origin, X-Requested-With, Content-Type, Accept, Engaged-Auth-Token, Authorization, X-Requested-With, Content-Type, Content-Length
server.port: 5601
server.host: "XX.X.X.XXX"
xpack.security.enabled: true
elasticsearch.hosts: ["http://XX.X.X.XXX:XXXX"]
elasticsearch.username: "username2"
elasticsearch.password: "password1"
这是kibana.yml
cluster.name: Cluster
http.port: 9200
network.host: XX.X.X.XXX
node.data: true
node.ingest: false
node.master: true
node.max_local_storage_nodes: 1
node.name: Nodo_1
path.data: C:\Monitoring\elasticsearch\elasticsearch-7.6.2\data
path.logs: C:\Monitoring\elasticsearch\elasticsearch-7.6.2\logs
transport.tcp.port: 9300
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: kbn-version, Origin, X-Requested-With, Content-Type, Accept, Engaged-Auth-Token, Authorization, X-Requested-With, Content-Type, Content-Length
server.port: 5601
server.host: "XX.X.X.XXX"
xpack.security.enabled: true
elasticsearch.hosts: ["http://XX.X.X.XXX:XXXX"]
elasticsearch.username: "username2"
elasticsearch.password: "password1"
这个问题的发生是因为CORS的起源。您需要在交叉原点标题属性下允许源原点
您可以参考本文:
我更喜欢在服务器端处理这个问题,而不是在客户端实现一些东西永远不要直接从前端访问ES。更多信息在我的网站上。