Removed CORS headers from DistributeDataApiController

Author: litvinovg

api/src/main/java/edu/cornell/library/scholars/webapp/controller/api/DistributeDataApiController.java

@@ -53,7 +53,6 @@ protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws Se
 
             String uri = findDistributorForAction(req, model);
             DataDistributor instance = instantiateDistributor(req, uri, model);
-            setCorsHeaders(req, resp);
             runIt(req, resp, instance);
         } catch (NoSuchActionException e) {
             do400BadRequest(e.getMessage(), resp);
@@ -128,11 +127,6 @@ private void runIt(HttpServletRequest req, HttpServletResponse resp, DataDistrib
         }
     }
 
-    private void setCorsHeaders(HttpServletRequest req, HttpServletResponse resp) {
-        log.debug("Setting CORS header for every request.");
-        resp.setHeader("Access-Control-Allow-Origin", "*");
-    }
-
     private void do400BadRequest(String message, HttpServletResponse resp) throws IOException {
         log.debug("400BadRequest: " + message);
         resp.setStatus(400);