--- title: Simple response header slug: Glossary/Simple_response_header tags: - Simple response header translation_of: Glossary/Simple_response_header --- <p>一个简单的响应头(或CORS安全列表的响应头)是一个 <a href="/en-US/docs/Web/HTTP/Headers">HTTP 头 </a>,它是以下之一:</p> <ul> <li>{{HTTPHeader("Cache-Control")}}</li> <li>{{HTTPHeader("Content-Language")}}</li> <li>{{HTTPHeader("Content-Type")}}</li> <li>{{HTTPHeader("Expires")}}</li> <li>{{HTTPHeader("Last-Modified")}}</li> <li>{{HTTPHeader("Pragma")}}</li> </ul> <p>These headers will not be filtered when the response is filtered by CORS, they are considered as <em>safe</em> (as the headers listed in {{HTTPHeader("Access-Control-Expose-Headers")}}.</p> <h2 id="Examples">Examples</h2> <h3 id="Extending_the_safelist">Extending the safelist</h3> <p>You can extend the list of CORS-safelisted response headers by using the {{HTTPHeader("Access-Control-Expose-Headers")}} header:</p> <pre>Access-Control-Expose-Headers: X-Custom-Header, Content-Length</pre> <h2 id="Learn_more">Learn more</h2> <ul> <li><a href="/en-US/docs/Web/HTTP">HTTP</a></li> <li><a href="/en-US/docs/Web/HTTP/Headers">HTTP headers</a></li> <li>{{HTTPHeader("Access-Control-Expose-Headers")}}</li> <li>{{Glossary("CORS")}}</li> <li>{{Glossary("Simple header")}}</li> <li>{{Glossary("Forbidden header name")}}</li> <li>{{Glossary("Request header")}}</li> </ul>