elasticsearch:跨源请求阻塞,尽管配置http模块 [英] elasticsearch: Cross-Origin Request Blocked despite configuring http module
问题描述
我使用的是elasticsearch的2.3.2版本。在我的elasticsearch.yml文件中,我添加了以下行以允许跨源请求。
I am using version 2.3.2 of elasticsearch. In my elasticsearch.yml file I have added the below lines to allow Cross-Origin requests.
http.cors.enabled: true
http.cors.allow-credentials: true
http.cors.allow-methods: OPTIONS,HEAD,GET,POST,PUT,DELETE
http.cors.max-age: 0
http.cors.allow-origin: /http?:\/\/localhost(:[0-9]+)?/
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type,Content-Length
查询从Firefox,我得到以下错误;
However, when i try to execute a query from Firefox, I get the following error;
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote
resource at http://localhost:9200/someIndex/_search?size=10&from=0.
(Reason: CORS header 'Access-Control-Allow-Origin' missing).
替换 http.cors.allow-origin
参数*
似乎工作,但文档表明这是一个安全请求。
Replacing the http.cors.allow-origin
parameter with "*"
, seems to work, but the documentation indicates this is a security requests.
请求标头位于下面;
Accept - application/json, text/plain, */*
Accept-Encoding - gzip, deflate
Accept-Language - en-US,en;q=0.5
Content-Length - 26
Content-Type - application/json;charset=utf-8
DNT - 1
Host - localhost:9200
Origin - null
User-Agent - Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:44.0) Gecko/20100101 Firefox/44.0
有人可以建议我上面做错了什么吗?
Could someone please suggest what I am doing wrong in the above?
推荐答案
你似乎有一个小错字。
You seem to have a small typo.
应该读
http.cors.allow-origin: /https?:\/\/localhost(:[0-9]+)?/
^
|
add this
您在?
之前缺少 s
,表示http或https
i.e. you're missing the s
before the ?
, which means "either http or https"
这篇关于elasticsearch:跨源请求阻塞,尽管配置http模块的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!