Should validate the header listed as required in the hosting considerations section of the SpaceApi spec

[eastein]

Access-Control-Allow-Origin: *

Perhaps the content-type should also be validated, or warned against if it's not application/json.

[eastein]

http://pastebin.com/raw.php?i=7DtVuFgN shows that many spaces stil ldo not have this, re-open please @slopjong

[eastein]

If you will not re-open @slopjong please explain why, this prevents many applications from working and also allows a violation of the spec to continue without informing the space that is in violation.

[eastein]

(thanks to Reventlov on irc for noticing this again)

[eastein]

Having talked ot @slopjong again on this, we have it warning now. I will make a new ticket for handling this in a more nuanced way.

[slopjong]

I saw too late that @eastein referenced this issue in #94.