From f66239e82f2bc3b81e5dec053df178a774c59c7f Mon Sep 17 00:00:00 2001
From: Krishna Srinivas <krishna@minio.io>
Date: Mon, 11 Sep 2017 08:15:51 -0700
Subject: [PATCH] Expose common S3 headers in CORS setting (#4839)

fixes #4838
---
 cmd/generic-handlers.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/cmd/generic-handlers.go b/cmd/generic-handlers.go
index a32872c7b..ac1a6b06c 100644
--- a/cmd/generic-handlers.go
+++ b/cmd/generic-handlers.go
@@ -326,11 +326,14 @@ var defaultAllowableHTTPMethods = []string{
 
 // setCorsHandler handler for CORS (Cross Origin Resource Sharing)
 func setCorsHandler(h http.Handler) http.Handler {
+	commonS3Headers := []string{"Content-Length", "Content-Type", "Connection",
+		"Date", "ETag", "Server", "x-amz-delete-marker", "x-amz-id-2",
+		"x-amz-request-id", "x-amz-version-id"}
 	c := cors.New(cors.Options{
 		AllowedOrigins:   []string{"*"},
 		AllowedMethods:   defaultAllowableHTTPMethods,
 		AllowedHeaders:   []string{"*"},
-		ExposedHeaders:   []string{"ETag"},
+		ExposedHeaders:   commonS3Headers,
 		AllowCredentials: true,
 	})
 	return c.Handler(h)