Support dynamic CORS headers

[manosbatsis]

To allow different CORS settings (like allowed origins) per entity model record:

1. Add default CORS settings in base model service impl
2. Add default controller OPTIONS handler method to set CORS headers based on service
3. Add automatic handling in service method for models implementing e.g. a CorsAllowedOriginsProvidingModel interface
4. Allow overriding CORS settings service method for entirely custom implementations