That would seem to be the case.
If I test this on a server that I own and add the relevant Access-Control-Expose-Headers header it is then accessible inside the javascript code.
Do I just cross my fingers and hope that this gets implemented going forward?
Thanks for your help everyone, as always awesome community.
Adrian