Elasticsearch: 403 Error when http.cors.enabled: true

Created on 22 Dec 2016  路  2Comments  路  Source: elastic/elasticsearch

Elasticsearch version: 5.1.1
Plugins installed: none
JVM version: 1.8
OS version: Win7, 64bit

As soon as the line http.cors.enabled: true is added to elasticsearch.yml and the server restarted queries begin to return 403.

I added the setting as described in elasticsearch-head to get the UI running.

Steps to reproduce:

  1. Add http.cors.enabled: true to elasticsearch.yml
  2. Restart Elastic Search
  3. Run a query like the one below

No error appears in the console of ES.

POST /myb-all/_search?pretty
{
  "from" : 0, "size" : 10,
  "query": { "match_all": {} },
  "_source": ["timestamp", "logfile", "type", "priority", "category"],
  "sort": [{"timestamp": "desc"}]
}
picture cawoodm
👍3

Most helpful comment

OK, quickfix for secure settings (i.e. LAN):

http.cors.enabled: true
http.cors.allow-origin: "*"
picture cawoodm on 22 Dec 2016
👍2

All 2 comments

Please see the other cors settings that you need to change in the documentation: https://www.elastic.co/guide/en/elasticsearch/reference/5.1/modules-http.html

clintongormley picture clintongormley on 22 Dec 2016
👍1

OK, quickfix for secure settings (i.e. LAN):

http.cors.enabled: true
http.cors.allow-origin: "*"
cawoodm picture cawoodm on 22 Dec 2016
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

brwe picture brwe  路  3Comments
ttaranov picture ttaranov  路  3Comments
dadoonet picture dadoonet  路  3Comments
malpani picture malpani  路  3Comments
abrahamduran picture abrahamduran  路  3Comments