In my case I faced the same issue cause my web tier is hosted on a different domain. My configuration is working quite well, I can see the pre-flight (OPTIONS) call returning 200 and then subsequent POST or GET being succesfull.
I have used the following configuration: http.cors.enabled: true http.cors.allow-origin: "my regex for my domains" http.cors.allow-methods: "OPTIONS, HEAD, GET, POST, PUT, DELETE" http.cors.allow-credentials: true http.cors.allow-headers: "X-Requested-With, Content-Type, Content-Length, accept, authorization" You can work with Chrome F12 and verify which are the pre-flight headers sent by your application and add them to the parameter http.cors.allow-headers On Tuesday, November 11, 2014 at 1:21:05 PM UTC+1, Reza Samee wrote: > > Hello to all! > > Note: I'm new to ELK :) > > I'm using elasticsearch 1.4.0 and I'm trying to enable "http.cors" feature > in elasticsearch. When I set "http.cors.enabled: true" and > "http.cors.allow-origin: *" in config file and then restart, the > "http.cors" feature doesn't enabled yet and I can't use kibana again. > What's wrong with my config file? > > elasticsearch.conf: > > http.cors.enabled: true > http.cors.allow-origin: "*" > > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/a6aa7e2b-5809-4d42-8dc5-3fdfc7dd8547%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
