JSON Shallow Copy and CORS

CORS filter was modified to work with CORS for Safari. CORS was
preventing synchronization on iPad devices. JSON Shallow Copy was
modified to return more fields needed for the client. (#5)

domain/src/main/java/org/openhds/domain/util/JsonShallowCopier.java

@@ -23,6 +23,9 @@ public static Location copyLocation(Location loc) {
 
 	        LocationHierarchy level = new LocationHierarchy();
 	        level.setExtId(loc.getLocationLevel().getExtId());
+	        level.setLevel(loc.getLocationLevel().getLevel());
+	        level.setName(loc.getLocationLevel().getName());
+	        level.setExtId(loc.getLocationLevel().getExtId());
 	        copy.setLocationLevel(level);
 	        copy.setUuid(loc.getUuid());
 	        copy.setExtId(loc.getExtId());

webservice/src/main/java/org/openhds/webservice/CORSFilter.java

@@ -40,8 +40,8 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletRespo
         System.out.println("CORSFilter HTTP Request: " + request.getMethod());
 
         // Authorize (allow) all domains to consume the content
-        ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Origin", "* ");
-        ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Headers","*");
+        ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Origin", "*");
+        ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Headers","Accept, Accept-Language, Authorization, Content-Language, Content-Type");
         ((HttpServletResponse) servletResponse).addHeader("Access-Control-Allow-Methods","GET, OPTIONS, HEAD, PUT, POST");
 
         HttpServletResponse resp = (HttpServletResponse) servletResponse;