Hit into this error when tying to get the “Content-Disposition” header using XMLHttpRequest.
Refused to get unsafe header "Content-Disposition"
Finally found the solution is to include CORS access control headers in HTTP response….
httpResponse.addHeader("Access-Control-Expose-Headers", "Content-Disposition");
Take note that it’s not Access-Control-Allow-Headers but Access-Control-Expose-Headers
Credit to this stackoverflow post.
Thank you so much, this helped me in my issue I’ve been googling for days…
thak for help!!!