Add `enableCORS` option to `IServerOptions` to enable/disable CORS

[paganellif]

I need this feature to deploy the streamer as a service behind an API gateway that already checks and sets CORS headers.

Without this feature, I'm not able to use the server APIs because there is more than one origin in the Access-Control-Allow-Origin and this is not allowed.

[danielweck]

just a thought: in DITA R2D2BC web reader you can disable "credentials" in the http requester / fetch client options. Typically that is what forces the removal of asterisk / catch-all CORS allow origin. But perhaps you in fact need "credentials" so indeed you would need to modify the streamer config.

[paganellif]

I've made and tested these changes to src/http/server.ts and it works:

• added disableCORS?: boolean to IServerOptions
• initialized in the Serverconstructor this.disableCORS = options && options.disableCORS ? options.disableCORS : false
• used the options in the setResponseCORS to conditionally set CORS

If you agree with these changes, I already have a pull request that could be merged. If the pull request is approved, when do you plan to release the new version? because I really need this change.