feat: CORS-support

[johanandren]

Based on https://github.com/lomigmegard/akka-http-cors but simplified here and there with less API surface, also a few optimisations.

[johanandren]

This can cause problems for users having the original cors directive imported and also using Directives to import all built in, because method names will collide.

Maybe that is fine though and the recommendation is to move over to the built in cors support?

[johanandren]

The overhead for regular CORS requests is a bit more expensive than I would have hoped, up to 10%, but couldn't find a way to optimise it further (it needs to copy/filter headers).

[johanandren]

This would be better just benching the directive/route rather than an end to end server test over TCP, but might be good enough for now.

[patriknw]

LGTM, maybe we should start a migration-guide page informing about this addition and how to migrate?

[patriknw]

both package names and config are different from akka-http-cors, so there shouldn't be any problems for users that still have akka-http-cors in classpath, right?

[johanandren]

The problem is what I mentioned in #4343 (comment)

We have an import-all directives-object/baseclass, now including cors(), if the original library is also in scope that will clash and not compile, not entirely sure what happens for the scenario of bumping without recompiling (but the original library does not support newer Akka versions so maybe that is a non issue?)

[johanandren]

I agree, a migration page of some sort would be good to add. Will do.

[ennru]

LGTM.