Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):
OpenSearch and OpenSearch Dashboard version - 2.6.0
Describe the issue:
Issue: OpenSearch Dashboard APIs (ex. /saved_objects/_find) are accepting null Origin in request headers.
Expectations/Requirements: I want to only allow specific origin to make request to OpenSearch Dashboard APIs but to do that I couldn’t find any configuration option in the official docs. In OpenSearch Dashboard we can’t set the specific origins in opensearch_dashboard.yml file and the issue for the same is already open.
Can someone please help me to configure CORS for OpenSearch Dashboard APIs?