Better CORS handling

[danbars]

1. CORS preflight request is not identified by Origin header that can be sent in different non CORS events too. It is identified by OPTIONS method and Access-Control-Request-Method header
2. Allow more fine grained control over CORS Access-Control-* headers using options.
3. Allow handling OPTIONS request in this plugin and immediately return without calling next handlers (i.e. without calling a backend service)

If you like these changes I can also update the docs.

[markusahlstrand]

Thanks for the PR! The existing cors-header is very simplistic and I'm not certain exactly how it should work :) I'll ask questions in code comments to make sure I understand.

[danbars]

I'm going to commit the changes. Let me know if you think it's better

[markusahlstrand]

Looks good. Looks like the test for the cors handler needs to be updated and there might be some minor lint fixes. Could you check that the tests pass locally? Thanks!!

[danbars]

I will try to work on the tests and lint tomorrow.

[markusahlstrand]

Think it looks good now, just needs the test to pass. Let me know if you want me to help out.

[danbars]

Hi, sorry, I didn't get to it yet. I hope to get to it tomorrow.

[danbars]

Hi @markusahlstrand, finally got to complete this, sorry about the long delay. Lint and tests all pass + added new tests Also updated the readme with the new configuration.

[markusahlstrand]

Nice! Just waiting for the travis build to go through..

[markusahlstrand]

Merged, thanks for the PR!

[danbars]

Great, thanks for the project ;-)