Support Access-Control-Expose-Headers in CORS

rcrowley / go-tigertonic

A Go framework for building JSON web services inspired by Dropwizard

Other

997 stars 79 forks source link

Closed randallsquared closed 10 years ago

randallsquared commented 10 years ago

In this PR:

add a new method for CORSBuilder, AddExposedHeaders, like AddAllowedHeaders.
unconditionally add this header to responses, since it doesn't depend on any request headers.
miscellaneous typo fixes and clarity rewording in comments
completely gratuitous const grouping (which I can revert from this PR if you'd prefer; not sure what your coding standards are on that)

mihasya commented 10 years ago

This patch looks good, but we may want to revisit the CORS docs for what the correct thing to do with Access-Control-Request-Method is..

:+1: