Which of the following HTTP headers is a CORS header?

CORS (Cross-Origin Resource Sharing) is a mechanism that allows restricted resources on a web page to be requested from another domain outside the domain from which the resource originated. This is done using a set of HTTP headers. One of the main headers used in CORS is Access-Control-Allow-Origin.

Access-Control-Allow-Origin: This header indicates whether the response can be shared with requesting code from the given origin. This is essential for enabling cross-origin requests to be made securely.

The other headers listed in the question are not related to CORS:

X-CORS-Access-Token: This is not a standard HTTP header.

Location: This header is used in redirection or when a new resource has been created.

Referer: This header indicates the address of the previous web page from which a request was made.

Authorization: This header contains credentials to authenticate a user agent with a server.

References:

MDN Web Docs on CORS

W3C CORS Specification