Ionic + Elastic Search

hello @coreelements , @leob
Hope you can help today too! I have an Ionic App which gets search results from Elastic Search Server. I m getting the results back only when I run my Ionic App in IE. Not able to connect to elastic search server from firefox, chrome or even from Ionic mobile application.
Here is my http config!

.config([’$httpProvider’, function($httpProvider) {
$httpProvider.defaults.useXDomain = true;
$httpProvider.defaults.Origin = “localhost:8100”;
$httpProvider.
delete $httpProvider.defaults.headers.common[‘X-Requested-With’];
//delete $httpProvider.defaults.headers.common[‘Origin’];

}])

Sounds like it’s related to CORS / network security.

Did you include the whitelist plugin? Here’s the relevant part of my package.json:

  "cordovaPlugins": [
    "org.apache.cordova.device",
    "org.apache.cordova.console",
    "org.apache.cordova.splashscreen",
    "com.ionic.keyboard",
    "cordova-plugin-whitelist"
  ]

And in your index.html did you include content-security-policy, e.g:

  <!--
  Customize this policy to fit your own app's needs. For more guidance, see:
      https://github.com/apache/cordova-plugin-whitelist/blob/master/README.md#content-security-policy
  Some notes:
      * gap: is required only on iOS (when using UIWebView) and is needed for JS->native communication
      * https://ssl.gstatic.com is required only on Android and is needed for TalkBack to function properly
      * Disables use of inline scripts in order to mitigate risk of XSS vulnerabilities. To change this:
        Enable inline JS: add 'unsafe-inline' to default-src
    http://stackoverflow.com/questions/29814717/getting-error-to-setup-ngcordova-firsttime
    https://github.com/apache/cordova-plugin-whitelist/blob/master/README.md#content-security-policy
    http://stackoverflow.com/questions/30212306/no-content-security-policy-meta-tag-found-error-in-my-phonegap-application
  -->
  <meta http-equiv="Content-Security-Policy"
        content="default-src &apos;self&apos; * data: gap: https://ssl.gstatic.com &apos;unsafe-inline&apos; &apos;unsafe-eval&apos;; style-src &apos;self&apos; &apos;unsafe-inline&apos;; media-src *">

solved this issue. it has got nothing to do with client side. Made some changes in the Elastic Server’s configuration. Happy Now… Gonna work on this option-2 What is the best practice to search backend? :smile: