* None is deprecated and will fallback to Lax in the future.
* Using Strict is future proof and provides additional CSR protection
Signed-off-by: Manuel Kroeber <manuel.kroeber@gmail.com>
Signed-off-by: Manuel Kroeber <manuel.kroeber@gmail.com>
* Adding 'x-content-duratin' and 'x-total-count' to CORS exposed headers
* Moving cors setup to middlewares.go
* adding x-nd-authorization to exposed headers
* Use new embed functionality for serving UI assets
* Use new embed functionality for serving resources. Remove dependency on go-bindata
* Remove Go 1.15