问题描述：

跨域访问时：response的header需要添加自定义字段ABC，在浏览器的network工具或者postman查看请求，都可以再response的header中发现字段ABC，而通过ajax或者react等查看响应时，header就是为空

解决方案：

后端在返回response时，加上header Access-Control-Expose-Headers

代码如下：

# 在response中自定义header，并允许前端访问
class KwsHeaderMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response
        # One-time configuration and initialization.

    def __call__(self, request):
        # Code to be executed for each request before
        # the view (and later middleware) are called.

        response = self.get_response(request)
        response = self.process_response(request, response)
        return response

    def process_response(self, request, response):
        user = request.user
        if user.is_authenticated():
            if user.can_login_kws:
                response['CLK'] = "ALLOWED"  # 自定义响应头
                response['Access-Control-Expose-Headers'] = "CLK" # 通过此header允许前端访问
            else:
                response['CLK'] = "NOT ALLOWED"
                response['Access-Control-Expose-Headers'] = "CLK"
        return response