Cross-domain cors settings

// Cross-domain cors settings, allowing clients to request cross-domain requests

            response.addHeader("Access-Control-Allow-Origin", "*");

            response.addHeader("Access-Control-Allow-Headers", "Origin, x-requested-with, Content-Type, Accept,X-Cookie");

            response.addHeader("Access-Control-Allow-Credentials", "true");

            response.addHeader("Access-Control-Allow-Methods", "GET,POST,PUT,OPTIONS,DELETE");