matrix-org · H-Shay · Mar 20, 2023 · Feb 2, 2023 · Feb 2, 2023 · Feb 2, 2023
@@ -0,0 +1 @@
+Add `Synapse-Trace-Id` to `access-control-expose-headers` header.
@@ -892,6 +892,10 @@ def set_cors_headers(request: SynapseRequest) -> None:
             b"Access-Control-Allow-Headers",
             b"X-Requested-With, Content-Type, Authorization, Date",
         )
+        request.setHeader(
+            b"Access-Control-Expose-Headers",
+            b"Synapse-Trace-Id",
+        )
 
 
 def set_corp_headers(request: Request) -> None:

@@ -266,6 +266,10 @@ def _check_cors_standard_headers(self, channel: FakeChannel) -> None:
             [b"X-Requested-With, Content-Type, Authorization, Date"],
             "has correct CORS Headers header",
         )
+        self.assertEqual(
+            channel.headers.getRawHeaders(b"Access-Control-Expose-Headers"),
+            [b"Synapse-Trace-Id"],
+        )
 
     def _check_cors_msc3886_headers(self, channel: FakeChannel) -> None:
         # Ensure the correct CORS headers have been added