From bfee53b9b1f7497399add0f1209c15f5bf55b810 Mon Sep 17 00:00:00 2001
From: Braden MacDonald <braden@opencraft.com>
Date: Fri, 30 Aug 2024 11:53:35 -0700
Subject: [PATCH] feat: Update CORS allowed headers for compat. w/
 axios-cache-interceptor (#35402)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See https://axios-cache-interceptor.js.org/config/request-specifics#cache-cachetakeover

cache.cacheTakeover (default true): you need to make sure Cache-Control,
Pragma and Expires headers are included into your server’s
Access-Control-Allow-Headers CORS configuration.
---
 lms/envs/common.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lms/envs/common.py b/lms/envs/common.py
index 04a1753838..2d31cba982 100644
--- a/lms/envs/common.py
+++ b/lms/envs/common.py
@@ -3687,6 +3687,9 @@ if FEATURES.get('ENABLE_CORS_HEADERS'):
 # because that decision might happen in a later config file. (The headers to
 # allow is an application logic, and not site policy.)
 CORS_ALLOW_HEADERS = corsheaders_default_headers + (
+    'cache-control',
+    'expires',
+    'pragma',
     'use-jwt-cookie',
 )