allowedRequestHeaders property
The allowed request headers.
Defaults to authorization, x-requested-with, x-forwarded-for. Must be lowercase. Use in conjunction with simpleRequestHeaders. In the specification (http://www.w3.org/TR/cors/), this is 'list of headers'.
Implementation
late List<String> allowedRequestHeaders;