I use Docker & Traefik to manage a ReactJS app calling an ElasticSearch API.
Here is my elasticsearch.yml config :
cluster.name: "docker-cluster"
network.host: 0.0.0.0
http.cors.enabled : true
http.cors.allow-origin: "*"
http.cors.allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers: X-Requested-With,X-Auth-Token,Content-Type,Content-Length
http.cors.allow-credentials: true
xpack.security.enabled: true
xpack.security.authc.api_key.enabled: true
And here the entry in docker-compose for my Elasticsearch service :
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.12.0
restart: always
volumes:
- ${DATA_FOLDER_ELASTICHSEARCH}:/usr/share/elasticsearch/data
- ./infra/elasticsearch/elasticsearch.yml:/usr/share/elasticsearch/config/elasticsearch.yml
environment:
- discovery.type=single-node
labels:
- "traefik.enable=true"
- "traefik.http.routers.elasticsearch.rule=Host(`myElastic.domain.com`)"
- "traefik.http.routers.elasticsearch.entrypoints=websecure"
- "traefik.http.routers.elasticsearch.middlewares=testHeader"
- "traefik.http.middlewares.testHeader.headers.accesscontrolallowmethods=GET,OPTIONS,POST"
- "traefik.http.middlewares.testHeader.headers.accesscontrolalloworiginlist=*"
- "traefik.http.middlewares.testHeader.headers.accesscontrolmaxage=100"
- "traefik.http.middlewares.testHeader.headers.addvaryheader=true"
networks:
- myNetwork
If I call my ElasticSearch API (like a simple POST on /myIndex/_search
using Postman for example, I have my response headers :
Access-Control-Allow-Origin : *
Vary : Origin
But I still have the CORS issue on my React app using fetch (for now I use directly the ElasticSearch API from my react).
Do I need to change anything from the fetch api ?
EDIT
Looking at CORS: Cannot use wildcard in Access-Control-Allow-Origin when credentials flag is true, it seems I can't use *
to define my allowed domains, so I put :
- "traefik.http.middlewares.testHeader.headers.accesscontrolalloworiginlist=https://reactApp.domain.com"
But no success ... in my Chrome console, I have this message :
preflight wildcard origin not allowed