Fix exporting stdAllowedHeaders

http/handler_test.go

@@ -79,7 +79,7 @@ func TestHandler_cors(t *testing.T) {
 	//
 	expHeaders := map[string]string{
 		"Access-Control-Allow-Origin":  addr,
-		"Access-Control-Allow-Headers": strings.Join(stdAllowedHeaders, ","),
+		"Access-Control-Allow-Headers": strings.Join(vault.StdAllowedHeaders, ","),
 		"Access-Control-Max-Age":       "300",
 		"Vary": "Origin",
 	}

vault/cors.go

@@ -15,7 +15,7 @@ const (
 	CORSEnabled
 )
 
-var stdAllowedHeaders = []string{
+var StdAllowedHeaders = []string{
 	"Content-Type",
 	"X-Requested-With",
 	"X-Vault-AWS-IAM-Server-ID",
@@ -98,7 +98,7 @@ func (c *CORSConfig) Enable(urls []string, headers []string) error {
 	c.AllowedOrigins = urls
 
 	// Start with the standard headers to Vault accepts.
-	c.AllowedHeaders = append(c.AllowedHeaders, stdAllowedHeaders...)
+	c.AllowedHeaders = append(c.AllowedHeaders, StdAllowedHeaders...)
 
 	// Allow the user to add additional headers to the list of
 	// headers allowed on cross-origin requests.

vault/logical_system_test.go

@@ -66,7 +66,7 @@ func TestSystemConfigCORS(t *testing.T) {
 		Data: map[string]interface{}{
 			"enabled":         true,
 			"allowed_origins": []string{"http://www.example.com"},
-			"allowed_headers": append(stdAllowedHeaders, "X-Custom-Header"),
+			"allowed_headers": append(StdAllowedHeaders, "X-Custom-Header"),
 		},
 	}