From 643ceced362dc5d002b98ab044b597b7ad11d182 Mon Sep 17 00:00:00 2001
From: Ruben Verborgh <ruben@verborgh.org>
Date: Wed, 28 Jul 2021 15:37:35 +0200
Subject: [PATCH] fix: Expose Link via CORS.

---
 config/http/middleware/handlers/cors.json | 1 +
 test/integration/Middleware.test.ts       | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/config/http/middleware/handlers/cors.json b/config/http/middleware/handlers/cors.json
index ab2fb894d..e7ca29330 100644
--- a/config/http/middleware/handlers/cors.json
+++ b/config/http/middleware/handlers/cors.json
@@ -17,6 +17,7 @@
       "options_credentials": true,
       "options_exposedHeaders": [
         "Accept-Patch",
+        "Link",
         "Location",
         "MS-Author-Via",
         "Updates-Via",
diff --git a/test/integration/Middleware.test.ts b/test/integration/Middleware.test.ts
index c536bd3c1..bcad1af87 100644
--- a/test/integration/Middleware.test.ts
+++ b/test/integration/Middleware.test.ts
@@ -99,6 +99,12 @@ describe('An http server with middleware', (): void => {
     expect(exposed.split(/\s*,\s*/u)).toContain('Accept-Patch');
   });
 
+  it('exposes the Link header via CORS.', async(): Promise<void> => {
+    const res = await request(server).get('/').expect(200);
+    const exposed = res.header['access-control-expose-headers'];
+    expect(exposed.split(/\s*,\s*/u)).toContain('Link');
+  });
+
   it('exposes the Location header via CORS.', async(): Promise<void> => {
     const res = await request(server).get('/').expect(200);
     const exposed = res.header['access-control-expose-headers'];