github-mirrors/elasticsearch
1
0
Fork 0
mirror of https://github.com/elastic/elasticsearch.git synced 2025-04-25 07:37:19 -04:00
Code Issues Projects Releases Packages Wiki Activity

CORS: Allowed to configure allow-credentials header to work via SSL

Browse source 
This adds support to return the "Access-Control-Allow-Credentials" header
if needed, so CORS will work flawlessly with authenticated applications.

Closes #6380
This commit is contained in:
Alexander Reelsen 2014-08-05 17:31:33 +02:00
parent 657b954528
commit 35e67c84fa
5 changed files with 30 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

4
docs/reference/modules/http.asciidoc
View file

@ -57,6 +57,10 @@ be cached for. Defaults to `1728000` (20 days)
|`http.cors.allow-headers` |Which headers to allow. Defaults to
`X-Requested-With, Content-Type, Content-Length`.
|`http.cors.allow-credentials` | Whether the `Access-Control-Allow-Credentials`
header should be returned. Note: This header is only returned, when the setting is
set to `true`. Defaults to `false`
|=======================================================================