feat: Update CORS allowed headers for compat. w/ axios-cache-interceptor

See https://axios-cache-interceptor.js.org/config/request-specifics#cache-cachetakeover

cache.cacheTakeover (default true): you need to make sure Cache-Control,
Pragma and Expires headers are included into your server’s
Access-Control-Allow-Headers CORS configuration.

lms/envs/common.py

@@ -3687,6 +3687,9 @@ def _make_locale_paths(settings):  # pylint: disable=missing-function-docstring
 # because that decision might happen in a later config file. (The headers to
 # allow is an application logic, and not site policy.)
 CORS_ALLOW_HEADERS = corsheaders_default_headers + (
+    'cache-control',
+    'expires',
+    'pragma',
     'use-jwt-cookie',
 )