Add additional headers to remove when cors is disabled (#317)

commit: c89afebf6da51656240b18ef753f7bdbfea6210d [log] [tgz]
author: Alex Song <alexsong93@gmail.com> Thu Jul 26 14:55:29 2018 -0400
committer: Matt Hamann <matthew.hamann@gmail.com> Thu Jul 26 14:55:29 2018 -0400
tree: b6c9c2265e9167cd0822d4dec2a2810c405f58ae
parent: 56673df361792e7d37995683232da349cd1a9657 [diff]
diff --git a/scripts/lua/cors.lua b/scripts/lua/cors.lua
index 8c0b1f5..10deee8 100644
--- a/scripts/lua/cors.lua
+++ b/scripts/lua/cors.lua

@@ -44,6 +44,8 @@
       ngx.header['Access-Control-Allow-Methods'] = nil
       ngx.header['Access-Control-Allow-Headers'] = nil
       ngx.header['Access-Control-Allow-Credentials'] = nil
+      ngx.header['Access-Control-Expose-Headers'] = nil
+      ngx.header['Access-Control-Max-Age'] = nil
     else
       ngx.header['Access-Control-Allow-Origin'] = ngx.var.cors_origins == 'true' and (ngx.var.http_origin or '*') or ngx.var.cors_origins
       ngx.header['Access-Control-Allow-Methods'] = ngx.var.cors_methods or 'GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS'
commit	c89afebf6da51656240b18ef753f7bdbfea6210d	[log] [tgz]
author	Alex Song <alexsong93@gmail.com>	Thu Jul 26 14:55:29 2018 -0400
committer	Matt Hamann <matthew.hamann@gmail.com>	Thu Jul 26 14:55:29 2018 -0400
tree	b6c9c2265e9167cd0822d4dec2a2810c405f58ae
parent	56673df361792e7d37995683232da349cd1a9657 [diff]