initial commit

1 files changed, 39 insertions, 0 deletions

diff --git a/files/zh-cn/glossary/simple_response_header/index.html b/files/zh-cn/glossary/simple_response_header/index.html
new file mode 100644
index 0000000000..b916ab3c45
--- /dev/null
+++ b/files/zh-cn/glossary/simple_response_header/index.html
@@ -0,0 +1,39 @@
+---
+title: Simple response header
+slug: Glossary/Simple_response_header
+tags:
+  - Simple response header
+translation_of: Glossary/Simple_response_header
+---
+<p>一个简单的响应头（或CORS安全列表的响应头）是一个 <a href="/en-US/docs/Web/HTTP/Headers">HTTP 头 </a>，它是以下之一：</p>
+
+<ul>
+ <li>{{HTTPHeader("Cache-Control")}}</li>
+ <li>{{HTTPHeader("Content-Language")}}</li>
+ <li>{{HTTPHeader("Content-Type")}}</li>
+ <li>{{HTTPHeader("Expires")}}</li>
+ <li>{{HTTPHeader("Last-Modified")}}</li>
+ <li>{{HTTPHeader("Pragma")}}</li>
+</ul>
+
+<p>These headers will not be filtered when the response is filtered by CORS, they are considered as <em>safe</em> (as the headers listed in {{HTTPHeader("Access-Control-Expose-Headers")}}.</p>
+
+<h2 id="Examples">Examples</h2>
+
+<h3 id="Extending_the_safelist">Extending the safelist</h3>
+
+<p>You can extend the list of CORS-safelisted response headers by using the {{HTTPHeader("Access-Control-Expose-Headers")}} header:</p>
+
+<pre>Access-Control-Expose-Headers: X-Custom-Header, Content-Length</pre>
+
+<h2 id="Learn_more">Learn more</h2>
+
+<ul>
+ <li><a href="/en-US/docs/Web/HTTP">HTTP</a></li>
+ <li><a href="/en-US/docs/Web/HTTP/Headers">HTTP headers</a></li>
+ <li>{{HTTPHeader("Access-Control-Expose-Headers")}}</li>
+ <li>{{Glossary("CORS")}}</li>
+ <li>{{Glossary("Simple header")}}</li>
+ <li>{{Glossary("Forbidden header name")}}</li>
+ <li>{{Glossary("Request header")}}</li>
+</ul>