Simple response header

一个简单的响应头(或CORS安全列表的响应头)是一个 HTTP 头 ,它是以下之一:

These headers will not be filtered when the response is filtered by CORS, they are considered as safe (as the headers listed in Access-Control-Expose-Headers.


Extending the safelist

You can extend the list of CORS-safelisted response headers by using the Access-Control-Expose-Headers header:

Access-Control-Expose-Headers: X-Custom-Header, Content-Length

Learn more