Do not overwrite all cors headers (#114)

raymondjacobson · web-flow · commit 07a1fceecfc5 · 2026-02-03T15:39:42.000-08:00
diff --git a/pkg/common/cors.go b/pkg/common/cors.go
@@ -30,9 +30,6 @@ func ReplaceCORSHeaders(resp *http.Response) {
 	resp.Header.Del("Access-Control-Allow-Origin")
 	resp.Header.Del("Access-Control-Allow-Methods")
 	resp.Header.Del("Access-Control-Allow-Headers")
-	resp.Header.Del("Access-Control-Allow-Credentials")
-	resp.Header.Del("Access-Control-Expose-Headers")
-	resp.Header.Del("Access-Control-Max-Age")
 
 	if len(corsConfig.AllowOrigins) > 0 {
 		if len(corsConfig.AllowOrigins) == 1 && corsConfig.AllowOrigins[0] == "*" {
diff --git a/pkg/version/.version.json b/pkg/version/.version.json
@@ -1,4 +1,4 @@
 {
-  "version": "1.1.5",
+  "version": "1.1.6",
   "service": "validator"
 }
