Access-Control-Allow-Headers is added for CORS preflight and should be
removed according to the spec
(https://w3c.github.io/ServiceWorker/#update-algorithm).

Bug: 1191514
Change-Id: Ide3c8556bf3a53d51f26d5f9be34af3b873922be
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2782391
Reviewed-by: Ben Kelly <[email protected]>
Commit-Queue: Ghazale Hosseinabadi <[email protected]>
Cr-Commit-Position: refs/heads/master@{#866130}