This PR implements basic Cross-Origin Resource Sharing (CORS) support to the RPC server, as per the spec at https://www.w3.org/TR/cors/#resource-requests . The spec has been quoted verbatim in the source code for easier validation and maintenance of the code.
- added support for OPTIONS HTTP method
- interpret CORS request headers for pre-flight requests
- set CORS response headers
- -rpccorsdomain=value command line option for whitelisted domains
- four test cases: standard CORS request, and pre-flight request, with/without -rpccorsdomain
In practice this PR allows the REST interface to be used directly from a browser.
All the existing restrictions to the REST interface still apply: IP subnet, port, username, password.