diff --git a/liquor-cabinet.rb b/liquor-cabinet.rb
index 1df2e25..d2d1c70 100644
--- a/liquor-cabinet.rb
+++ b/liquor-cabinet.rb
@@ -42,7 +42,7 @@ class LiquorCabinet < Sinatra::Base
     before path do
       headers 'Access-Control-Allow-Origin' => '*',
               'Access-Control-Allow-Methods' => 'GET, PUT, DELETE',
-              'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin'
+              'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin, If-Match, If-None-Match',
       headers['Access-Control-Allow-Origin'] = env["HTTP_ORIGIN"] if env["HTTP_ORIGIN"]
       headers['Cache-Control'] = 'no-cache'
 
diff --git a/spec/directories_spec.rb b/spec/directories_spec.rb
index ea4e287..9af309c 100644
--- a/spec/directories_spec.rb
+++ b/spec/directories_spec.rb
@@ -62,7 +62,7 @@ describe "Directories" do
       last_response.status.must_equal 200
       last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
       last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
     end
 
     context "when If-None-Match header is set" do
@@ -437,7 +437,7 @@ describe "Directories" do
 
       last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
       last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+      last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
     end
 
     context "sub-directories" do
@@ -448,7 +448,7 @@ describe "Directories" do
 
         last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
         last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
       end
     end
 
@@ -460,7 +460,7 @@ describe "Directories" do
 
         last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
         last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
-        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin"
+        last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
       end
     end
   end