Return Vary: Origin header with responses

[dmitrizagidulin]

Gold needs to return the Vary: Origin header with its responses for browser-side caching to work with CORS and credentials. (node-solid-server already does this).

[AMWJ]

Just ran into this: when hosting the application on multiple locations, when switching from using on one domain to another, this error arises:

XMLHttpRequest cannot load https://ariel.databox.me/twists. Redirect from 'https://ariel.databox.me/twists' to 'https://ariel.databox.me/twists/' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://amwj.github.io' that is not equal to the supplied origin. Origin 'https://amwj.github.io' is therefore not allowed access.

(This is when switching from using http://amwj.github.io to https://amwj.github.io)