Javascript ElasticSearch访问控制允许标头不存在
我正在从本地https服务器向ElasticSearch端点发出POST请求,该端点配置如下Javascript ElasticSearch访问控制允许标头不存在,javascript,ajax,rest,
elasticsearch,cors,Javascript,Ajax,Rest,
elasticsearch,Cors,我正在从本地https服务器向ElasticSearch端点发出POST请求,该端点配置如下 http.cors.enabled: true http.cors.allow-credentials: true http.cors.allow-origin: "*" http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE http.cors.allow-headers: X-Requested-With, X-Auth-Toke
http.cors.enabled: true
http.cors.allow-credentials: true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: X-Requested-With, X-Auth-Token, Content-Type, Content-Length, Authorization, Access-Control-Allow-Headers, Accept
请求包含以下标题:
Access-Control-Allow-Headers: Accept, Access-Control-Allow-Headers, Authorization, Content-Type
Content-Type: application/json; charset=utf-8
Accept: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Authorization: (basic authentication token)
在POST请求中,出现以下错误:请求标头字段飞行前响应中的访问控制允许标头不允许访问控制允许标头。
网络调试器确实显示,访问控制允许标头
标头不存在于响应标头中。响应标题:
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://dl.dropboxusercontent.com
Vary: Origin
Access-Control-Allow-Methods:
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
content-length: 0
date: Fri, 29 Apr 2016 14:08:14 GMT
请注意,
Access Control Allow Headers
不存在,Access Control Allow Methods
为空。所有可能的字符串格式都已经过测试,这些标题不会出现 您应该在elasticsearch.yml中添加以下符号:
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length
http.cors.enabled: true
http.cors.allow-origin: /https?:\/\/(localhost)?(127.0.0.1)?(:[0-9]+)?/
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length
然后重新启动es,尽情享受吧 我终于在elasticsearch.yml
中解决了这些配置行的问题:
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length
http.cors.enabled: true
http.cors.allow-origin: /https?:\/\/(localhost)?(127.0.0.1)?(:[0-9]+)?/
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length
看起来很像2.3中解决的问题。