Enable CORS on specific domains #63
Description
When dealing with authenticated cross domain requests, we can’t use wilcard for Access-Control-Allow-Headers.
In that case we need to be specific about domains we want to allow. This pull request permits it.