Set an Access-Control-Allow-Origin header to the /decision endpoint
This header is added if the configuration file contains a CORS_URL and
add supports AJAX support for this endpoint.
Relates https://pagure.io/greenwave/issue/65
Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>