Why Spring Security did not add Access-Control-Allow-Origin for GET request with a Request Header?

Question

My goal is to debug why I can send HTTP GET request without RequestHeaders, but I can\'t send HTTP GET request with RequestHeaders.

I am fol