Simple response header
一个简单的响应头(或 CORS 安全列表的响应头)是一个 HTTP 头,它是以下之一:
These headers will not be filtered when the response is filtered by CORS, they are considered as safe (as the headers listed in Access-Control-Expose-Headers
.
Examples
Extending the safelist
You can extend the list of CORS-safelisted response headers by using the Access-Control-Expose-Headers
header:
Access-Control-Expose-Headers: X-Custom-Header, Content-Length