The issue only required modifying the Allowed-Headers,
but it seemed strange to add the ability to control
that one without being able to control the others
Current behavior without added flags is unnaffected
No existing assertions are changed
Added assertions to demonstrate control of CORS Headers
The issue only required modifying the Allowed-Headers, but it seemed strange to add the ability to control that one without being able to control the others