Add Retry-After to Access-Control-Expose-Headers
When hitting a 429 response, a cross-origin request does not have access to the Retry-After header.
If the 429 is raised by the origin web server, you’ll get a retry-after. If you’ve been absolutely hammering the service and Cloudflare steps in and rate limits, you won’t get a retry-after from them.
Can you possibly share precisely the request you're making (including headers) and what you expect in the response (even if just retry-after)?
Thanks for your reply Troy, what you're saying is absolutely clear, what I mean though is that the retry-after header is not available if the request is done via ajax as a cross-origin http request. Only the values specified in "Access-Control-Expose-Headers" are available in the response. If it's the case that you have no control over that, I guess the only option is to hard-code the retry-after value, which kind of sucks :D