I created a web app that runs in Splunk. It is installed in $SPLUNK_HOME/etc/apps . The user can enter some data in a form, and then the data is saved in the KV Store. The data is sent to the kv store by using the javascript method fetch(). This is what a POST request looks like:
fetch(
"my_kv_store_url",
{
method: "POST",
mode: "cors",
credentials: "include",
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify(formData),
}
)
The data is successfully added to the kv store in Splunk 8+. It has a server.conf file which includes these lines:
[httpServer]
crossOriginSharingHeaders = X-Splunk-Form-Key, Authorization, Accept ,Content-Type, User-Agent,Referer
However, when I run the app in Splunk version 7.x the POST requests are blocked with this error: "Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response".
Splunk v7 does not support the crossOriginSharingHeaders rule in server.conf.
How can I make this work in Splunk 7x?
... View more