Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ability to specify CORS accepted origins #16714

Open
tylersmalley opened this issue Feb 13, 2018 · 6 comments
Open

Ability to specify CORS accepted origins #16714

tylersmalley opened this issue Feb 13, 2018 · 6 comments

Comments

@tylersmalley
Copy link
Member

@tylersmalley tylersmalley commented Feb 13, 2018

Currently server.cors accepts a boolean when in production. Setting this to true, uses * for the accepted origins. Users should be able to specify the origins like we do in dev for Karma ['*://localhost:9876']

@anton-putau

This comment has been minimized.

Copy link

@anton-putau anton-putau commented Feb 14, 2018

This also not works

cors: Joi.when('$dev', {
      is: true,
      then: Joi.boolean().default(true),
      otherwise: Joi.boolean().default(true)
    })

Tested on windows 10 for 5.6

It seems adding header via proxy can be a solution currently

@rnkhouse

This comment has been minimized.

Copy link

@rnkhouse rnkhouse commented Apr 23, 2019

Any update on this?
I setup kibana config with

server.cors: true
server.cors.origin: ["*"]

But, still getting cross-origin error.

@katzelad

This comment has been minimized.

Copy link

@katzelad katzelad commented May 21, 2019

Also, allowing customization of some other CORS properties would be very helpful.
In order to allow automatic login from an external domain I had to modify http_tools.js as follows:
cors: { additionalHeaders: ['kbn-version','cookie'], origin: ['*'], credentials: true }
It would be nice to be able to configure this from kibana.yml.

@epixa epixa added Team:Platform and removed Team:Platform labels May 22, 2019
@elasticmachine

This comment has been minimized.

Copy link
Contributor

@elasticmachine elasticmachine commented May 22, 2019

@katzelad

This comment has been minimized.

Copy link

@katzelad katzelad commented May 27, 2019

@tylersmalley Will you consider accepting a PR?
CORS options would be set by kibana.yml parameters, for example:
server.cors.origin: ["*"]
server.cors.additionalHeaders: ["kbn-version", "cookie"]
server.cors.credentials: true

@afdezl

This comment has been minimized.

Copy link

@afdezl afdezl commented Dec 16, 2019

Hi, any updates on this? Would be extremely useful. Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
8 participants
You can’t perform that action at this time.