CORS preflight requests fail if basic auth is in use on the proxy
Opened this issue · 1 comments
I have installed the aws-es-proxy with the following runtime options:
./bin/aws-es-proxy -listen 0.0.0.0:$PORT -endpoint <endpoint> -auth -username $ESPROXY_USERNAME -password $ESPROXY_PASSWORD -realm $ESPROXY_REALM
And I am using the proxy from a client-side react app; the app and the proxy are on different domains. So for correct operation, a CORS setup is required. Prior to a search request via the proxy, the browser sends a CORS preflight OPTIONS request. This does not have a basic auth header, and according to the specifications, preflight requests are not supposed to have any credentials.
However the proxy rejects the preflight request with a 401 because it is lacking credentials. And subsequently this causes the browser to abort the the actual search request.
This can be confirmed with the following CURL requests:
Will fail with a 401
curl -v -X OPTIONS "https://myproxyendpoint.com/myindex/_msearch?"
Will succeed with a 200
curl -v -X OPTIONS -u myusername:mypassword "https://myproxyendpoint.com/myindex/_msearch?"
In the aws-es-proxy.go code there should probably be a check for the request method not being an OPTIONS request before authenticating the request.
I have forked this repo and added the check for request method. And I have deployed this forked and modified repo to my proxy host. The problem with authentication errors on preflight requests has been resolved.
master...PeterCiuffetti:master
If you can provide guidance on how I should submit a patch from this diff, please advise.
Thanks
Pete Ciuffetti