-Header always set Access-Control-Allow-Origin 'https://quitter.im'
-Header always set Access-Control-Max-Age "1000"
-Header always set Access-Control-Allow-Headers "X-Requested-With, Content-Type, Origin, Authorization, Accept, Client-Security-Token, Accept-Encoding"
-Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"