Added new middleware that intercepts and decorates all requests in
accordance to the Cross Origin Resource Sharing W3C specification
found at http://www.w3.org/TR/cors/. Permitted origins and cache max
age are configurable, however headers and methods are hard-coded since
those are application-specific. The notification hook was also
updated to only trigger on POST, PUT, and DELETE.
Motivation for this change is to allow js-draft builds of the
storyboard webclient to break the browser sandbox, and become fully
operational by accessing the production storyboard api. Reviewers
interested in seeing a functioning webclient for UI review will no
longer have to download and run their own client.
Patch to make the webclient build support a configurable API backend
is forthcoming.
Change-Id: I7a825820e4edf48cd9552b2c1c656bc7e664a25a
2da943a2f4