Added proper headers for cross-origin resource sharing (CORS) with Ajax
Previously, when responding to Ajax requests, elasticsearch did not send proper headers for cross-origin resource sharing (CORS) -- see issues #828, #2186. With this commit, Ajax requests should be working. Example: jQuery.ajax({ url: "http://localhost:9200/_search", type: "POST", contentType: 'application/json; charset=UTF-8', success: function(data) { console.log(data) } }); See: * http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/ * http://www.w3.org/TR/cors/#access-control-allow-headers-response-header Closes #2186, fixes #828
This commit is contained in:
parent
f2db8eaca2
commit
f659cad8d6
|
@ -73,13 +73,13 @@ public class NettyHttpChannel implements HttpChannel {
|
||||||
resp = new DefaultHttpResponse(HttpVersion.HTTP_1_1, status);
|
resp = new DefaultHttpResponse(HttpVersion.HTTP_1_1, status);
|
||||||
}
|
}
|
||||||
if (RestUtils.isBrowser(request.getHeader(HttpHeaders.Names.USER_AGENT))) {
|
if (RestUtils.isBrowser(request.getHeader(HttpHeaders.Names.USER_AGENT))) {
|
||||||
// add support for cross origin
|
// Add support for cross-origin Ajax requests (CORS)
|
||||||
resp.addHeader("Access-Control-Allow-Origin", "*");
|
resp.addHeader("Access-Control-Allow-Origin", "*");
|
||||||
if (request.getMethod() == HttpMethod.OPTIONS) {
|
if (request.getMethod() == HttpMethod.OPTIONS) {
|
||||||
// also add more access control parameters
|
// Allow Ajax requests based on the CORS "preflight" request
|
||||||
resp.addHeader("Access-Control-Max-Age", 1728000);
|
resp.addHeader("Access-Control-Max-Age", 1728000);
|
||||||
resp.addHeader("Access-Control-Allow-Methods", "PUT, DELETE");
|
resp.addHeader("Access-Control-Allow-Methods", "OPTIONS, HEAD, GET, POST, PUT, DELETE");
|
||||||
resp.addHeader("Access-Control-Allow-Headers", "X-Requested-With");
|
resp.addHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Content-Length");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue