Check if the request is a same-origin one, based on Origin, and
Note: as of 5.1 this method ignores
"Forwarded" and "X-Forwarded-*" headers that specify the
client-originated address. Consider using the ForwardedHeaderFilter
to extract and use, or to discard such headers.
true if the request is a same-origin one, false in case
of a cross-origin request