Add missing CORS header in preflight response example (#32137)

* Add missing CORS header in preflight response example The example preflight request sends an `Access-Control-Request-Headers` header, but the example response does not contain an `Access-Control-Allow-Headers` which is required as per https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers . This PR simply adds one. * Update index.md --------- Co-authored-by: Hamish Willee <[email protected]>
mdn · Feb 11, 2024 · 9902715 · 9902715
1 parent 72ffc3a
commit 9902715
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/files/en-us/glossary/preflight_request/index.md b/files/en-us/glossary/preflight_request/index.md
@@ -17,7 +17,7 @@ For example, a client might be asking a server if it would allow a {{HTTPMethod(
 ```http
 OPTIONS /resource/foo
 Access-Control-Request-Method: DELETE
-Access-Control-Request-Headers: origin, x-requested-with
+Access-Control-Request-Headers: Origin, X-Requested-With
 Origin: https://foo.bar.org
 ```
 
@@ -28,6 +28,7 @@ HTTP/1.1 204 No Content
 Connection: keep-alive
 Access-Control-Allow-Origin: https://foo.bar.org
 Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
+Access-Control-Allow-Headers: Origin, X-Requested-With
 Access-Control-Max-Age: 86400
 ```