I believe you can, as in the S3 console, there's a tab in the properties window for each file labeled 'Metadata', which contains a 'Content-Type' key by default, that corresponds to the extension of the file. It's not unreasonable to assume that additional keys would be sent as headers too.
But in the end, the easiest way to find out for sure would be to put up a small test file, add some metadata, download the file, and look at the headers.
Amazon allows you to enable CORS for S3 bucket. See:
https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html#how-do-i-enable-cors
S3 does not support the Access-Control-Allow-Origin header.
https://forums.aws.amazon.com/thread.jspa?threadID=34281
I believe you can, as in the S3 console, there's a tab in the properties window for each file labeled 'Metadata', which contains a 'Content-Type' key by default, that corresponds to the extension of the file. It's not unreasonable to assume that additional keys would be sent as headers too.
But in the end, the easiest way to find out for sure would be to put up a small test file, add some metadata, download the file, and look at the headers.