[CorsFilter] How to handle custom request headers

Hello everybody,

I created a custom module for Keycloak that extends the endpoints in order to integrate Keycloak in an already defined client architecture.

In particular, I have a new endpoint that requires one specific header in the request that isn’t present in the Cors.DEFAULT_ALLOW_HEADERS, and this cause a CORS error when I try to call this endpoint with this specific header.

There is no way to adopt another approach on calling this endpoint without the custom header in the request because this is a requirement of the client architecture.

So, there is a way to add a new allow header or a way to override the CorsFilter with a CustomCorsFilter?

Thanks in advance.