Configure Access-Control-Accept-Headers


I am trying to query EventStore from our AngularJS app but I’m receiving the following error…

XMLHttpRequest cannot load XXXX. Request header field X-JourneyMan-Id is not allowed by Access-Control-Allow-Headers.

The X-JourneyMan-Id value in the header is something that we use to track information through our system so needs to be in our request message. Is there a way to update the accepted headers list in EventStore?



You could do this easily with a proxy such as nginx/iis/etc


If you’re building from source you can change the list of accepted headers here:

I guess there’s enough interest changing this from the outside that we should make it configurable - I’ll put up a GitHub issue to discuss.


I could look to do a PR for this James as we already build from dev branch.

In the meantime we’ll route it via our existing nginx reverse proxy and neuritalise the header :slight_smile:

Cheers, Ian.

The issue is what other uris do you want various headers associated to?