Skip to content

Extend CORSPolicy to allow for custom headers #5

New issue
New issue
Open
Open
Extend CORSPolicy to allow for custom headers#5
Labels
enhancementNew feature or requestgood first issueGood for newcomers
@x7airworker

Description

@x7airworker
x7airworker
opened on Jan 5, 2024

Is your feature request related to a problem? Please describe.
By default CORS blocks access to all headers except content-type. Custom headers need to be exposed using the header Access-Control-Expose-Headers.

Describe the solution you'd like
The CORSPolicy class should have a chainable method called exposeHeader which will take the header/pattern to be further used by building a comma seperated header value for Access-Control-Expose-Headers according to the spec.

Describe alternatives you've considered
I've implemented a simple RequestInterceptor which sets this header manually.

Additional context
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestgood first issueGood for newcomers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions