Added a basic CORS options for api/*

lib/Pear/LocalLoop.pm

@@ -112,6 +112,17 @@ sub startup {
 
   my $api_public_get = $r->under('/api');
   $api_public_get->get('/info/ages')->to('api-info#get_ages');
+  $api_public_get->options('*' => sub {
+    my $self = shift;
+
+    $self->res->headers->header('Access-Control-Allow-Origin'=> 'http://localhost:7000');
+    $self->res->headers->header('Access-Control-Allow-Credentials' => 'true');
+    $self->res->headers->header('Access-Control-Allow-Methods' => 'GET, OPTIONS, POST, DELETE, PUT');
+    $self->res->headers->header('Access-Control-Allow-Headers' => 'Content-Type, X-CSRF-Token');
+    $self->res->headers->header('Access-Control-Max-Age' => '1728000');
+
+    $self->respond_to(any => { data => '', status => 200 });
+  });
 
   # Always available api routes
   my $api_public = $r->under('/api')->to('api-auth#check_json');