Merge "Add 'X-Auth-Token' default header to CORS middleware"

1 files changed, 2 insertions, 2 deletions

diff --git a/oslo_middleware/cors.py b/oslo_middleware/cors.py
index 65d7be0..891dd99 100644
--- a/oslo_middleware/cors.py
+++ b/oslo_middleware/cors.py
@@ -35,7 +35,7 @@ CORS_OPTS = [
                      'credentials'),
     cfg.ListOpt('expose_headers',
                 default=['Content-Type', 'Cache-Control', 'Content-Language',
-                         'Expires', 'Last-Modified', 'Pragma'],
+                         'Expires', 'Last-Modified', 'Pragma', 'X-Auth-Token'],
                 help='Indicate which headers are safe to expose to the API. '
                      'Defaults to HTTP Simple Headers.'),
     cfg.IntOpt('max_age',
@@ -47,7 +47,7 @@ CORS_OPTS = [
                      'request.'),
     cfg.ListOpt('allow_headers',
                 default=['Content-Type', 'Cache-Control', 'Content-Language',
-                         'Expires', 'Last-Modified', 'Pragma'],
+                         'Expires', 'Last-Modified', 'Pragma', 'X-Auth-Token'],
                 help='Indicate which header field names may be used during '
                      'the actual request.')
 ]