API request to Kibana not including kbn-xsrf header #70

Closed
kjorg50 opened this issue May 18, 2020 · 3 comments · Fixed by #72


kjorg50 commented May 18, 2020

Hi, I'm trying to make an API request similar to the one described in this answer about updating index patterns. My proxy is running on port 9200 and then I try something like this

curl 'http://localhost:9200/_plugin/kibana/api/saved_objects/index-pattern/INDEX_ID' -X PUT -H 'Content-Type: application/json' -H "kbn-xsrf: true" --data-binary '{"attributes":{"title":"INDEX_NAME","fields":"[ESCAPED_JSON_LIST_OF_FIELDS]"}}'

However, I get this error

{"statusCode":400,"error":"Bad Request","message":"Request must contain a kbn-xsrf header."}

Even though that header is included in the request, I think it is not being passed through the proxy correctly. Can anyone help provide some insight here? Am I missing something?


dl-git commented May 23, 2020

hi @kjorg50 - I faced a very similar issue trying to run filebeat setup
I'm not hugely familiar with go so I found an npm alternative
https://www.npmjs.com/package/amazon-elasticsearch-proxy

edited the file node_modules/amazon-elasticsearch-proxy/proxy.js
and added in a statement to include the kbn-xsrf header
(there's already one for the kbn-version header)

the very definition of a hacky workaround but solved the problem

Owner

abutaha commented May 27, 2020

Hi,

Thanks for reporting this. Will release a fix soon.

saravanan30erd added a commit to saravanan30erd/aws-es-proxy that referenced this issue Jun 2, 2020
Contributor

saravanan30erd commented Jun 2, 2020

@kjorg50 @dl-git

You can also use the kbn-version header to solve this error.
The Kibana UI uses the kbn-version header to mitigate this issue.

curl 'http://10.10.10.10:9200/_plugin/kibana/api/saved_objects/index-pattern/INDEX-PATTERN_ID' -X PUT -H 'Content-Type: application/json' --data-binary '{"attributes":{"title":"INDEX","fields":"[]"}}' -H "kbn-version: 7.4.2"

However, Kibana recommends using kbn-xsrf for API calls.
The kbn-version header is also used for the client-side Kibana version check that alerts users when their client is out of date and needs to be refreshed ("error":"Bad Request","message":"Browser client is out of date, please refresh the page"), so it must match the version of Kibana exactly. This poses a problem for any programmatic access that would only get set up once but may run repeatedly throughout the future (e.g. watcher), so we need to use the kbn-xsrf header instead, with a static value, in this case.

Added support for the kbn-xsrf header in the proxy now:

curl 'http://10.10.10.10:9200/_plugin/kibana/api/saved_objects/index-pattern/INDEX-PATTERN_ID' -X PUT -H 'Content-Type: application/json' --data-binary '{"attributes":{"title":"INDEX","fields":"[]"}}' -H "kbn-xsrf: true"
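
The failure discussed in this thread, reproduced as an added Go example (not code from aws-es-proxy or the npm proxy). It assumes the proxy rebuilds the upstream request and copies only an allowlist of headers; `forwardHeaders`, `kibanaStub` and `throughProxy` are hypothetical names, and the stub models only the 400 response quoted in the issue.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// forwardHeaders copies only allowlisted headers from the client request (src)
// onto the upstream request (dst). Anything not listed is silently dropped.
func forwardHeaders(dst, src *http.Request, allow []string) {
	for _, name := range allow {
		if vals := src.Header.Values(name); len(vals) > 0 {
			dst.Header[http.CanonicalHeaderKey(name)] = append([]string(nil), vals...)
		}
	}
}

// kibanaStub is a constructed stand-in for Kibana's check: a state-changing
// request needs a kbn-xsrf or kbn-version header, else the 400 from the issue.
func kibanaStub(w http.ResponseWriter, r *http.Request) {
	safe := r.Method == http.MethodGet || r.Method == http.MethodHead
	if !safe && r.Header.Get("kbn-xsrf") == "" && r.Header.Get("kbn-version") == "" {
		http.Error(w, "Request must contain a kbn-xsrf header.", http.StatusBadRequest)
		return
	}
	w.WriteHeader(http.StatusOK)
}

// throughProxy sends the issue's PUT (with kbn-xsrf: true) through a proxy
// using the given allowlist and returns the status the upstream stub produced.
func throughProxy(allow []string) int {
	in := httptest.NewRequest(http.MethodPut,
		"/_plugin/kibana/api/saved_objects/index-pattern/INDEX_ID", strings.NewReader(`{}`))
	in.Header.Set("Content-Type", "application/json")
	in.Header.Set("kbn-xsrf", "true")

	out := httptest.NewRequest(in.Method, in.URL.Path, in.Body)
	forwardHeaders(out, in, allow)
	rec := httptest.NewRecorder()
	kibanaStub(rec, out)
	return rec.Code
}

func main() {
	fmt.Println(throughProxy([]string{"Content-Type", "kbn-version"}))             // 400
	fmt.Println(throughProxy([]string{"Content-Type", "kbn-version", "kbn-xsrf"})) // 200
}
```

When debugging a proxy like this, log the headers on the outbound request rather than the inbound one; the client-side curl looks correct in both cases.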

mergebotupgrade referenced this issue in Credify/aws-es-proxy Sep 15, 2020
* do not allow auto redirect to http client

* Updates to README.md

* Cross-compile new version

* Updated docker instructions

* Little fix to docker example

* add basic auth support

* fix version

* Support AWS China ES domain name, and update to use Go 1.11 modules

* add timeout

* Updated link to Kibana

Updated link to Kibana app

* make timeout variable

* Fix casting

* - AWS Elasticsearch endpoint is no longer mandatory
- Added more logging
- Removed all of the annoying log.fatal() messages
- Added option to redirect /_plugin/kibana to /_plugin/kibana/app/kibana this fixes blank pages when running newer versions of Kibana.

* Implementing custom http.Client fixed Kibana blank page issue. Removed added hacks.

* Run 'go mod tidy' for cleanup

* Updated version

* Update docker instructions

* Updated Dockerfile and add CONTRIBUTORS file

* Bump golang to v1.14

* Update README to go1.14

* Issue #70 - add the kbn-xsrf header

* issue #71 - add env var support for endpoint argument

* issue #71 - Update readme

* Add IRSA support

* Updated version number

* cleanup dockerfile

* updates

* image update

* fix build

Co-authored-by: Taiki Sugawara <buzz.taiki@gmail.com>
Co-authored-by: Muslim AbuTaha <muslim.adel@gmail.com>
Co-authored-by: Kamus Hadenes <kamushadenes@hyadesinc.com>
Co-authored-by: Mike Wu <mike.wu@retailnext.net>
Co-authored-by: Mike Kadin <michaelkadin@gmail.com>
Co-authored-by: Rui Chen <chenrui333@gmail.com>
Co-authored-by: saravanan30erd <saravanan30erd@gmail.com>
Co-authored-by: Luke Addison <lukeaddison785@gmail.com>