aspnetcore icon indicating copy to clipboard operation
aspnetcore copied to clipboard

Published 20 hours ago verified publisher icon dotnet

[API Proposal]: Add `CorsPolicyBuilder.AllowAnyExposedHeader`

Open alrz opened this issue 1 year ago • 0 comments

Background and Motivation

The header Access-Control-Expose-Headers supports wildcard as with other cors headers.

Proposed API

namespace Microsoft.AspNetCore.Cors.Infrastructure;

public class CorsPolicyBuilder
{
+    public CorsPolicyBuilder AllowAnyExposedHeader();
}

Usage Examples

policyBuilder.AllowAnyExposedHeader();

Alternative Designs

Risks

Just like AnyOrigins this is not gonna work with AllowCredentials. Perhaps an analyzer could flag misusage for both.

alrz avatar Aug 27 '24 12:08 alrz