Add OPTIONS support, add CORS, remove trailing whitespaces

[jacobgunnarsson]

I think Chrome made changes to CORS enforcements in some recent version which breaks the client implementation. I added support for OPTIONS and added Access-Control-Allow-Origin: * to all response headers, which seems to work well!