support user set origin as cross domain

Author: sjqzhang

server/http_header.go

@@ -3,8 +3,13 @@ package server
 import "net/http"
 
 func (c *Server) CrossOrigin(w http.ResponseWriter, r *http.Request) {
-	r.Header.Set("Origin", "*")
-	w.Header().Set("Access-Control-Allow-Origin", "*")
+	if r.Header.Get("Origin") != "" {
+		w.Header().Set("Access-Control-Allow-Origin", r.Header.Get("Origin"))
+		w.Header().Set("Access-Control-Allow-Credentials", "true")
+	} else {
+		w.Header().Set("Access-Control-Allow-Origin", "*")
+		r.Header.Set("Origin", "*")
+	}
 	w.Header().Set("Access-Control-Allow-Headers", "Authorization, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, X-Requested-By, If-Modified-Since, X-File-Name, X-File-Type, Cache-Control, Origin")
 	w.Header().Set("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE")
 	w.Header().Set("Access-Control-Expose-Headers", "Authorization")