Add CORS support
The sso service endpoint should send the proper CORS headers and respond to OPTIONS (for CORS prefetches) so that XmlHttpRequests on authenticated sites can (partially) work.
The sso service endpoint should send the proper CORS headers and respond to OPTIONS (for CORS prefetches) so that XmlHttpRequests on authenticated sites can (partially) work.