Skip to content

Commit 2d19a4f

Browse files
Replace offensive words in CORS documentation (mdn#7396)
* Replaced offensive words in CORS documentation * Removed redundant punctuation mark Co-authored-by: André Jaenisch <[email protected]> * Rephrased the definition of the Access-Control-Expose-Headers header * Corrected the capitalization of JavaScript Co-authored-by: André Jaenisch <[email protected]>
1 parent 07e5b08 commit 2d19a4f

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

files/en-us/web/http/cors/index.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -391,11 +391,11 @@ <h3 id="Access-Control-Allow-Origin">Access-Control-Allow-Origin</h3>
391391
<pre class="brush: none">Access-Control-Allow-Origin: https://mozilla.org
392392
Vary: Origin</pre>
393393

394-
<p>If the server specifies a single origin (that may dynamically change based on the requesting origin as part of a white-list) rather than the "<code>*</code>" wildcard, then the server should also include <code>Origin</code> in the {{HTTPHeader("Vary")}} response header — to indicate to clients that server responses will differ based on the value of the {{HTTPHeader("Origin")}} request header.</p>
394+
<p>If the server specifies a single origin (that may dynamically change based on the requesting origin as part of a allowlist) rather than the "<code>*</code>" wildcard, then the server should also include <code>Origin</code> in the {{HTTPHeader("Vary")}} response header — to indicate to clients that server responses will differ based on the value of the {{HTTPHeader("Origin")}} request header.</p>
395395

396396
<h3 id="Access-Control-Expose-Headers">Access-Control-Expose-Headers</h3>
397397

398-
<p>The {{HTTPHeader("Access-Control-Expose-Headers")}} header lets a server whitelist headers that Javascript (such as {{domxref("XMLHttpRequest.getResponseHeader()","getResponseHeader()")}}) in browsers are allowed to access.</p>
398+
<p>The {{HTTPHeader("Access-Control-Expose-Headers")}} header adds the specified headers to the allowlist that JavaScript (such as {{domxref("XMLHttpRequest.getResponseHeader()","getResponseHeader()")}}) in browsers is allowed to access.</p>
399399

400400
<pre class="brush: none">Access-Control-Expose-Headers: &lt;header-name&gt;[, &lt;header-name&gt;]*
401401
</pre>

0 commit comments

Comments
 (0)