跨域请求阻止的Elasticsearch [英] Cross-Origin Request Blocked elasticsearch

问题描述

我正在运行Elasticsearch 2.3版，我有一个Angular代码可以像search一样查询.当我运行它时，即使将http.cors.enabled设置为true以及使用http.cors.allow-origin也遇到此错误到/https?:\/\/localhost(:[0-9] +)?/

hi am running Elasticsearch version 2.3 and i have an Angular code to query like a search.when i run it i am getting this error even with http.cors.enabled set to true and also with http.cors.allow-origin to /https?:\/\/localhost(:[0-9]+)?/

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://localhost:9200/elastic/_search?size=50. This can be fixed by moving the resource to the same domain or enabling CORS

我不明白问题是什么.

我的请求标头.

    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0
Pragma: no-cache
Origin: http://127.0.0.1:8100
Host:   localhost:9200
Connection: keep-alive
Cache-Control:  no-cache
Access-Control-Request-Method:  POST
Access-Control-Request-Headers: content-type
Accept-Language:    en-US,en;q=0.5
Accept-Encoding:    gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

我的控制台看起来像这样.

my console looks like this.

但是，如果我将请求直接放在这样的浏览器中，则会得到正确的输出.

but if i put the request directly in the browser like this..i get correct output.

推荐答案

我已通过将这些行添加到yml中，然后重新启动ES来解决了该问题.

I've solved the problem by adding these lines to my yml, then restarting ES.

 http.cors.enabled : true
 http.cors.allow-origin: "*"
 http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
 http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length
 http.cors.allow-credentials: true

这篇关于跨域请求阻止的Elasticsearch的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！