drogue-iot / drogue-cloud

Cloud Native IoT
https://drogue.io
Apache License 2.0

Add CORS permissive mode #347

Closed ctron closed 1 year ago

ctron commented 1 year ago

We do enable CORS by default now, with some reasonable settings. However, the user should be able to opt out of it, enabling the "permissive" mode.

ctron commented 1 year ago

Option a)

The user sets the following to enable "permissive". In this case, all other options are ignored:

HTTP__CORS__PERMISSIVE=true

Otherwise it is necessary to configure CORS. The helm charts should provide working defaults.

Option b)

The user can switch between "permissive", "none", and "manual":

HTTP__CORS__MODE=permissive
HTTP__CORS__MODE=none
HTTP__CORS__MODE=manual # implicit default

Only when the mode is manual, the other options will be considered.

jbtrystram commented 1 year ago

Option B allows more flexibility and it's not that hard to implement. Also, I wonder if services could provide default settings in the Rust code, like for the allowed methods?

i.e. https://github.com/drogue-iot/drogue-cloud/blob/main/http-endpoint/src/lib.rs#L109

ctron commented 1 year ago

So maybe do:

MODE=permissive
MODE=none
MODE= # unset
MODE=custom

permissive: wildcard CORS
none: no CORS
unset: application provided default
custom: custom settings, with application defaults
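The four modes proposed in the last comment, resolved into an effective policy, as an added Rust sketch that is not drogue-cloud's code. Every type and function name is hypothetical. It assumes that "custom" falls back to the application default for each setting the user leaves unset, and that an unrecognised mode is rejected rather than mapped to any policy.

```rust
// Added illustration: every name here is hypothetical, not drogue-cloud's API.
#[derive(Debug, Clone, PartialEq)]
pub struct CorsSettings {
    pub origins: Vec<String>,
    pub methods: Vec<String>,
}
/// User-supplied settings; `None` means "not set, use the application default".
#[derive(Default)]
pub struct Overrides {
    pub origins: Option<Vec<String>>,
    pub methods: Option<Vec<String>>,
}
#[derive(Debug, Clone, PartialEq)]
pub enum CorsPolicy {
    Disabled,                 // none: no CORS headers at all
    Permissive,               // permissive: wildcard
    Restricted(CorsSettings), // unset or custom: explicit allow-lists
}

pub fn resolve(mode: Option<&str>, app: &CorsSettings, user: &Overrides) -> Result<CorsPolicy, String> {
    match mode.map(str::trim) {
        None | Some("") => Ok(CorsPolicy::Restricted(app.clone())),
        Some("none") => Ok(CorsPolicy::Disabled),
        Some("permissive") => Ok(CorsPolicy::Permissive),
        Some("custom") => Ok(CorsPolicy::Restricted(CorsSettings {
            origins: user.origins.clone().unwrap_or_else(|| app.origins.clone()),
            methods: user.methods.clone().unwrap_or_else(|| app.methods.clone()),
        })),
        // Assumption: a misspelled mode is a startup error, never a silent wildcard.
        Some(other) => Err(format!("unknown CORS mode {other:?}")),
    }
}

/// Value for Access-Control-Allow-Origin, or None when the header is omitted.
pub fn allow_origin(policy: &CorsPolicy, origin: &str) -> Option<String> {
    match policy {
        CorsPolicy::Disabled => None,
        CorsPolicy::Permissive => Some("*".into()),
        CorsPolicy::Restricted(s) => s.origins.iter().find(|o| o.as_str() == origin).cloned(),
    }
}

fn main() {
    let app = CorsSettings { origins: vec!["https://console.example.com".into()], methods: vec!["GET".into()] }; // constructed
    let user = Overrides { origins: Some(vec!["https://ui.example.org".into()]), ..Default::default() }; // constructed
    for mode in [None, Some("none"), Some("permissive"), Some("custom"), Some("permisive")] {
        println!("{mode:?} -> {:?}", resolve(mode, &app, &user));
    }
}
```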