diff --git a/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsConstants.cs b/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsConstants.cs
index 602f381ae5..bc8a994387 100644
--- a/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsConstants.cs
+++ b/src/Microsoft.AspNetCore.Cors/Infrastructure/CorsConstants.cs
@@ -1,6 +1,8 @@
// Copyright (c) .NET Foundation. All rights reserved.
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+using Microsoft.Net.Http.Headers;
+
namespace Microsoft.AspNetCore.Cors.Infrastructure
{
///
@@ -10,13 +12,13 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
{
///
/// The HTTP method for the CORS preflight request.
- ///
+ ///
public static readonly string PreflightHttpMethod = "OPTIONS";
///
/// The Origin request header.
///
- public static readonly string Origin = "Origin";
+ public static readonly string Origin = HeaderNames.Origin;
///
/// The value for the Access-Control-Allow-Origin response header to allow all origins.
@@ -26,59 +28,60 @@ namespace Microsoft.AspNetCore.Cors.Infrastructure
///
/// The Access-Control-Request-Method request header.
///
- public static readonly string AccessControlRequestMethod = "Access-Control-Request-Method";
+ public static readonly string AccessControlRequestMethod = HeaderNames.AccessControlRequestMethod;
///
/// The Access-Control-Request-Headers request header.
///
- public static readonly string AccessControlRequestHeaders = "Access-Control-Request-Headers";
+ public static readonly string AccessControlRequestHeaders = HeaderNames.AccessControlRequestHeaders;
///
/// The Access-Control-Allow-Origin response header.
///
- public static readonly string AccessControlAllowOrigin = "Access-Control-Allow-Origin";
+ public static readonly string AccessControlAllowOrigin = HeaderNames.AccessControlAllowOrigin;
///
/// The Access-Control-Allow-Headers response header.
///
- public static readonly string AccessControlAllowHeaders = "Access-Control-Allow-Headers";
+ public static readonly string AccessControlAllowHeaders = HeaderNames.AccessControlAllowHeaders;
///
/// The Access-Control-Expose-Headers response header.
///
- public static readonly string AccessControlExposeHeaders = "Access-Control-Expose-Headers";
+ public static readonly string AccessControlExposeHeaders = HeaderNames.AccessControlExposeHeaders;
///
/// The Access-Control-Allow-Methods response header.
///
- public static readonly string AccessControlAllowMethods = "Access-Control-Allow-Methods";
+ public static readonly string AccessControlAllowMethods = HeaderNames.AccessControlAllowMethods;
///
/// The Access-Control-Allow-Credentials response header.
///
- public static readonly string AccessControlAllowCredentials = "Access-Control-Allow-Credentials";
+ public static readonly string AccessControlAllowCredentials = HeaderNames.AccessControlAllowCredentials;
///
/// The Access-Control-Max-Age response header.
///
- public static readonly string AccessControlMaxAge = "Access-Control-Max-Age";
+ public static readonly string AccessControlMaxAge = HeaderNames.AccessControlMaxAge;
+
internal static readonly string[] SimpleRequestHeaders =
{
- "Origin",
- "Accept",
- "Accept-Language",
- "Content-Language",
+ HeaderNames.Origin,
+ HeaderNames.Accept,
+ HeaderNames.AcceptLanguage,
+ HeaderNames.ContentLanguage,
};
internal static readonly string[] SimpleResponseHeaders =
{
- "Cache-Control",
- "Content-Language",
- "Content-Type",
- "Expires",
- "Last-Modified",
- "Pragma"
+ HeaderNames.CacheControl,
+ HeaderNames.ContentLanguage,
+ HeaderNames.ContentType,
+ HeaderNames.Expires,
+ HeaderNames.LastModified,
+ HeaderNames.Pragma
};
internal static readonly string[] SimpleMethods =