diff --git a/liquor-cabinet.rb b/liquor-cabinet.rb
index d2d1c70..71eecd1 100644
--- a/liquor-cabinet.rb
+++ b/liquor-cabinet.rb
@@ -43,6 +43,7 @@ class LiquorCabinet < Sinatra::Base
       headers 'Access-Control-Allow-Origin' => '*',
               'Access-Control-Allow-Methods' => 'GET, PUT, DELETE',
               'Access-Control-Allow-Headers' => 'Authorization, Content-Type, Origin, If-Match, If-None-Match',
+              'Access-Control-Expose-Headers' => 'ETag'
       headers['Access-Control-Allow-Origin'] = env["HTTP_ORIGIN"] if env["HTTP_ORIGIN"]
       headers['Cache-Control'] = 'no-cache'
 
diff --git a/spec/directories_spec.rb b/spec/directories_spec.rb
index 9af309c..704f33b 100644
--- a/spec/directories_spec.rb
+++ b/spec/directories_spec.rb
@@ -63,6 +63,7 @@ describe "Directories" do
       last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
       last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
       last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
+      last_response.headers["Access-Control-Expose-Headers"].must_equal "ETag"
     end
 
     context "when If-None-Match header is set" do
@@ -438,6 +439,7 @@ describe "Directories" do
       last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
       last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
       last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
+      last_response.headers["Access-Control-Expose-Headers"].must_equal "ETag"
     end
 
     context "sub-directories" do
@@ -449,6 +451,7 @@ describe "Directories" do
         last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
         last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
         last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
+        last_response.headers["Access-Control-Expose-Headers"].must_equal "ETag"
       end
     end
 
@@ -461,6 +464,7 @@ describe "Directories" do
         last_response.headers["Access-Control-Allow-Origin"].must_equal "*"
         last_response.headers["Access-Control-Allow-Methods"].must_equal "GET, PUT, DELETE"
         last_response.headers["Access-Control-Allow-Headers"].must_equal "Authorization, Content-Type, Origin, If-Match, If-None-Match"
+        last_response.headers["Access-Control-Expose-Headers"].must_equal "ETag"
       end
     end
   end