Add the Access-Control-Expose-Headers header to the agent config re…

…sponse. (elastic#2918) (elastic#2919) (elastic#2920)

To enable caching on the RUM agent. 

Fixes elastic#2915

beater/api/config/agent/handler.go

@@ -97,6 +97,7 @@ func Handler(client kibana.Client, config *config.AgentConfig) request.Handler {
 		// configuration successfully fetched
 		c.Header().Set(headers.CacheControl, cacheControl)
 		c.Header().Set(headers.Etag, fmt.Sprintf("\"%s\"", result.Source.Etag))
+		c.Header().Set(headers.AccessControlExposeHeaders, headers.Etag)
 
 		if result.Source.Etag != "" && result.Source.Etag == ifNoneMatch(c) {
 			c.Result.SetDefault(request.IDResponseValidNotModified)

beater/api/config/agent/handler_test.go

@@ -245,6 +245,7 @@ func TestAgentConfigRum(t *testing.T) {
 	h(ctx)
 	var actual map[string]string
 	json.Unmarshal(w.Body.Bytes(), &actual)
+	assert.Equal(t, headers.Etag, w.Header().Get(headers.AccessControlExposeHeaders))
 	assert.Equal(t, http.StatusOK, w.Code, w.Body.String())
 	assert.Equal(t, map[string]string{"transaction_sample_rate": "0.5"}, actual)
 }

beater/headers/keys.go

@@ -19,22 +19,23 @@ package headers
 
 // http header keys
 const (
-	Accept                    = "Accept"
-	AccessControlAllowHeaders = "Access-Control-Allow-Headers"
-	AccessControlAllowMethods = "Access-Control-Allow-Methods"
-	AccessControlAllowOrigin  = "Access-Control-Allow-Origin"
-	AccessControlMaxAge       = "Access-Control-Max-Age"
-	Authorization             = "Authorization"
-	Bearer                    = "Bearer"
-	CacheControl              = "Cache-Control"
-	Connection                = "Connection"
-	ContentEncoding           = "Content-Encoding"
-	ContentLength             = "Content-Length"
-	ContentType               = "Content-Type"
-	Etag                      = "Etag"
-	IfNoneMatch               = "If-None-Match"
-	Origin                    = "Origin"
-	UserAgent                 = "User-Agent"
-	Vary                      = "Vary"
-	XContentTypeOptions       = "X-Content-Type-Options"
+	Accept                     = "Accept"
+	AccessControlAllowHeaders  = "Access-Control-Allow-Headers"
+	AccessControlAllowMethods  = "Access-Control-Allow-Methods"
+	AccessControlAllowOrigin   = "Access-Control-Allow-Origin"
+	AccessControlExposeHeaders = "Access-Control-Expose-Headers"
+	AccessControlMaxAge        = "Access-Control-Max-Age"
+	Authorization              = "Authorization"
+	Bearer                     = "Bearer"
+	CacheControl               = "Cache-Control"
+	Connection                 = "Connection"
+	ContentEncoding            = "Content-Encoding"
+	ContentLength              = "Content-Length"
+	ContentType                = "Content-Type"
+	Etag                       = "Etag"
+	IfNoneMatch                = "If-None-Match"
+	Origin                     = "Origin"
+	UserAgent                  = "User-Agent"
+	Vary                       = "Vary"
+	XContentTypeOptions        = "X-Content-Type-Options"
 )

beater/middleware/cors_middleware.go

@@ -67,7 +67,7 @@ func CORSMiddleware(allowedOrigins []string) Middleware {
 				c.Header().Set(headers.AccessControlAllowMethods, supportedMethods)
 				c.Header().Set(headers.AccessControlAllowHeaders, supportedHeaders)
 
-				c.Header().Set("Access-Control-Expose-Headers", headers.Etag)
+				c.Header().Set(headers.AccessControlExposeHeaders, headers.Etag)
 
 				c.Header().Set(headers.ContentLength, "0")