1

I am trying to connect my reacetivesearch application to external elasticsearch provider( not AWS). They dont allow making changes to the elasticsearch cluster and also using nginx in front of the cluster .

As per the reacetivesearch documentation I have cloned the proxy code and only made changes to the target and the authentication setting(as per the code below ) .

https://github.com/appbaseio-apps/reactivesearch-proxy-server/blob/master/index.js

Proxy is successfully starting and able to connect the remote cluster . However when I connect reacetivesearch app through proxy I get the following error.

Access to XMLHttpRequest at 'http://localhost:7777/testing/_msearch?' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource

I repeated the same steps with my local elasticsearch cluster using the same proxy code and getting the same error .

Just was wondering do we need to make any extra changes to make sure the proxy sending the right request to the elasticsearch cluster ? I am using the below code for the proxy.

const express = require('express');
const proxy = require('http-proxy-middleware');
const btoa = require('btoa');
const app = express();
const bodyParser = require('body-parser')

/* This is where we specify options for the http-proxy-middleware
 * We set the target to appbase.io backend here. You can also
 * add your own backend url here */
const options = {
    target: 'http://my_elasticsearch_cluster_adddress:9200/',
    changeOrigin: true,
    onProxyReq: (proxyReq, req) => {
        proxyReq.setHeader(
            'Authorization',
            `Basic ${btoa('username:password')}`
        );
        /* transform the req body back from text */
        const { body } = req;
        if (body) {
            if (typeof body === 'object') {
                proxyReq.write(JSON.stringify(body));
            } else {
                proxyReq.write(body);
            }
        }
    }
}

/* Parse the ndjson as text */
app.use(bodyParser.text({ type: 'application/x-ndjson' }));

/* This is how we can extend this logic to do extra stuff before
 * sending requests to our backend for example doing verification
 * of access tokens or performing some other task */
app.use((req, res, next) => {
    const { body } = req;
    console.log('Verifying requests ✔', body);
    /* After this we call next to tell express to proceed
     * to the next middleware function which happens to be our
     * proxy middleware */
    next();
})

/* Here we proxy all the requests from reactivesearch to our backend */
app.use('*', proxy(options));

app.listen(7777, () => console.log('Server running at http://localhost:7777 '));

Regards

user121080
  • 133
  • 1
  • 10

1 Answers1

2

Yep you need to apply CORS settings to your local elasticsearch.yaml as well as your ES service provider.

Are you using Elastic Cloud by any chance? They do allow you to modify Elasticsearch settings.

If so:

  1. Login to your Elastic Cloud control panel
  2. Navigate to the Deployment Edit page for your cluster
  3. Scroll to your '[Elasticsearch] Data' deployment configuration
  4. Click the User setting overrides text at the bottom of the box to expand the settings editor.

There's some example ES CORS settings about halfway down the reactivebase page that provide a great starting point. https://opensource.appbase.io/reactive-manual/getting-started/reactivebase.html

You'll need to update the provided http.cors.allow-origin: setting based on your needs.

Patrick
  • 53
  • 1
  • 9