- Upgrade the documentation to match filter code - Fix bad default behavior with Access-Control-Allow-Credentials - Fix missing "s" in header Access-Control-Request-Method / Access-Control-Allow-Methods