Allow cross-origin requests to the archive

Everything is read-only and unauthenticated, so there is no security
risk. Hopefully this will allow some cool projects based on AJAX to be
developed.

Signed-off-by: Graham <gpe@openrs2.org>

archive/src/main/kotlin/org/openrs2/archive/web/WebServer.kt

@@ -4,6 +4,7 @@ import com.fasterxml.jackson.databind.ObjectMapper
 import io.ktor.application.ApplicationCall
 import io.ktor.application.call
 import io.ktor.application.install
+import io.ktor.features.CORS
 import io.ktor.features.ContentNegotiation
 import io.ktor.features.XForwardedHeaderSupport
 import io.ktor.http.ContentType
@@ -35,6 +36,10 @@ public class WebServer @Inject constructor(
 ) {
     public fun start(address: String, port: Int) {
         embeddedServer(CIO, host = address, port = port) {
+            install(CORS) {
+                anyHost()
+            }
+
             install(ContentNegotiation) {
                 register(ContentType.Application.Json, JacksonConverter(mapper))
             }