CORS issue on Executor State page if cache headers are included
desobolevsky opened this issue · 6 comments
I'm experiencing this issue on Executor State tab, though every other tab and everything in general works perfectly fine.
Looks like I get the error on CORS preflight request.
Tried to fix this issue myself, removing cache headers from Executor component resolves it, Executor tab works good with the request like that:
vm.$http.get(vm.url, {withCredentials: true}).then((r) => {
Any thoughts on the appearing issue?
CC-UI is on master branch
CC is on migrate_to_kafka_2_5 branch
Kafka: 3.1.1 (Commit:5cf0285dc9728b0b)
getting the same error
Access to XMLHttpRequest at 'https://xxx.com/kafkacruisecontrol/state?substates=EXECUTOR&verbose=true&json=true' from origin 'https://xxxx.com' has been blocked by CORS policy: Request header field cache-buster is not allowed by Access-Control-Allow-Headers in preflight response.
getting the same error
Access to XMLHttpRequest at 'https://xxx.com/kafkacruisecontrol/state?substates=EXECUTOR&verbose=true&json=true' from origin 'https://xxxx.com' has been blocked by CORS policy: Request header field cache-buster is not allowed by Access-Control-Allow-Headers in preflight response.
fixed by adding Cache-buster to the webserver.http.cors.exposeheaders in cruisecontrol.properties file
webserver.http.cors.exposeheaders=User-Task-ID,Content-Type,Cache-buster
@desobolevsky can you raise a PR for this ?
@nareshv seems like everything works if Cache-Buster header is specified in cruisecontrol.properties, so I don't think this code needs a correction.
IMO it makes sense to add this header to default cruisecontrol.properties file in cruise-control repository. Any thoughts of that?
If it's ok I'll raise the issue and close this one
yep, lets add this config change to actual CC itself as a PR
created linkedin/cruise-control#1950 and will follow there