All geek questions in one place

CORS error while sending request to logstash

I configured Logstash 1.5.2 to use http login on a Linux machine.

This is my logstash input configuration:

input {
        http {
                host => "10.x.x.120"
                port => "8500"
        }
}

I can send data to logstash using curl -XPOST from a Linux machine.

But when I do $ http.post (url, postData); request from my angularJS application. I get the following error:

Cross-request request is blocked: a policy of the same origin prohibits reading a remote resource

I hosted my application on the same linux machine using nginx in a docker container. I tried to configure nginx to enable CORS by adding the following lines to nginx.conf:

    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';

But the error persists.

Also, when I hit http: //10.xx120: 8500 from my browser address bar, I get "ok".

enter image description hereenter image description here . .

+4
3

, nginx.

URL : http://10.x.x.120/logs

nginx.conf:

location^~ /logs {
    proxy_pass http://10.x.x.120:8500; 
}

, HTTP POST http://10.x.x.120:8500/logs, <2 > .

Voila!! Logstash , 8500.

+1

Logstash http, HTTP-. http :

http {
    response_headers {
        "Content-Type" => "application/x-www-form-urlencoded",
        "Access-Control-Allow-Origin" => "*",
    }
}
+1

you need not only to configure POST / GET, but also OPTIONS, this is the configuration that I have and works

#
# Wide-open CORS config for nginx
#
location / {
     if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        #
        # Om nom nom cookies
        #
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        #
        # Custom headers and headers various browsers *should* be OK with but aren't
        #
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        #
        # Tell client that this pre-flight info is valid for 20 days
        #
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 200;
     }
     if ($request_method = 'POST') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
     if ($request_method = 'GET') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
}
0
source

Source: https://habr.com/ru/post/1598376/

More articles:


All Articles