CORS issue on Executor State page if cache headers are included

[desobolevsky]

I'm experiencing this issue on Executor State tab, though every other tab and everything in general works perfectly fine. Looks like I get the error on CORS preflight request. Tried to fix this issue myself, removing cache headers from Executor component resolves it, Executor tab works good with the request like that:

vm.$http.get(vm.url, {withCredentials: true}).then((r) => {

Any thoughts on the appearing issue?

CC-UI is on master branch CC is on migrate_to_kafka_2_5 branch Kafka: 3.1.1 (Commit:5cf0285dc9728b0b)

[IronforgeV]

getting the same error

Access to XMLHttpRequest at 'https://xxx.com/kafkacruisecontrol/state?substates=EXECUTOR&verbose=true&json=true' from origin 'https://xxxx.com' has been blocked by CORS policy: Request header field cache-buster is not allowed by Access-Control-Allow-Headers in preflight response.

[IronforgeV]

getting the same error

Access to XMLHttpRequest at 'https://xxx.com/kafkacruisecontrol/state?substates=EXECUTOR&verbose=true&json=true' from origin 'https://xxxx.com' has been blocked by CORS policy: Request header field cache-buster is not allowed by Access-Control-Allow-Headers in preflight response.

fixed by adding Cache-buster to the webserver.http.cors.exposeheaders in cruisecontrol.properties file

webserver.http.cors.exposeheaders=User-Task-ID,Content-Type,Cache-buster

[nareshv]

@desobolevsky can you raise a PR for this ?

[desobolevsky]

@nareshv seems like everything works if Cache-Buster header is specified in cruisecontrol.properties, so I don't think this code needs a correction. IMO it makes sense to add this header to default cruisecontrol.properties file in cruise-control repository. Any thoughts of that? If it's ok I'll raise the issue and close this one

[nareshv]

yep, lets add this config change to actual CC itself as a PR

[nareshv]

created https://github.com/linkedin/cruise-control/issues/1950 and will follow there