Adds exposed headers to avoid issue in JS SDK (#4934)

* Adds exposed headers to avoid issue in JS SDK

* Adds test for headers

src/middlewares.js

@@ -247,7 +247,7 @@ export function allowCrossDomain(req, res, next) {
   res.header('Access-Control-Allow-Origin', '*');
   res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
   res.header('Access-Control-Allow-Headers', 'X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type');
-
+  res.header('Access-Control-Expose-Headers', 'X-Parse-Job-Status-Id, X-Parse-Push-Status-Id');
   // intercept OPTIONS method
   if ('OPTIONS' == req.method) {
     res.sendStatus(200);