diff --git a/DragonFruit.OnionFruit.Web/Controllers/AssetDownloadController.cs b/DragonFruit.OnionFruit.Web/Controllers/AssetDownloadController.cs
index 4c189df..cc8921f 100644
--- a/DragonFruit.OnionFruit.Web/Controllers/AssetDownloadController.cs
+++ b/DragonFruit.OnionFruit.Web/Controllers/AssetDownloadController.cs
@@ -16,7 +16,7 @@ namespace DragonFruit.OnionFruit.Web.Controllers;
 [EnableCors("Assets")]
 public class AssetDownloadController(IRemoteAssetStore assetStore) : ControllerBase
 {
-    [HttpGet, HttpHead]
+    [HttpGet]
     [ResponseCache(NoStore = true)]
     [Route("~/assets/{*assetPath}")]
     public async Task<IActionResult> ResolveAssetPath(string assetPath)
diff --git a/DragonFruit.OnionFruit.Web/Program.cs b/DragonFruit.OnionFruit.Web/Program.cs
index b3480f4..1810ea8 100644
--- a/DragonFruit.OnionFruit.Web/Program.cs
+++ b/DragonFruit.OnionFruit.Web/Program.cs
@@ -46,8 +46,9 @@ public static async Task Main(string[] args)
 
             cors.AddPolicy("Assets", policy =>
             {
-                policy.WithMethods("GET", "HEAD");
-                policy.WithExposedHeaders("X-Asset-Location");
+                policy.WithMethods("GET");
+                policy.WithHeaders("If-Modified-Since");
+                policy.WithExposedHeaders("ETag", "X-Asset-Location");
 
                 policy.SetIsOriginAllowed(IsValidOrigin);
                 policy.SetPreflightMaxAge(TimeSpan.FromHours(12));