Hacker News new | past | comments | ask | show | jobs | submit login

Recently, I was working on an issue where our new frontend client was not receiving custom response headers from the server API. It turns out I had to expose headers first using 'Access-Control-Expose-Headers' [0]. Neither me, nor the frontend dev have heard of that response header before and we thought we knew something about CORS.

[0] https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Ac...

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact