Configure allowed Origin header values. This check is mostly designed for
browser clients. There is nothing preventing other types of client to modify the
Origin header value.
When SockJS is enabled and origins are restricted, transport types that do not
allow to check request origin (Iframe based transports) are disabled.
As a consequence, IE 6 to 9 are not supported when origins are restricted.
Each provided allowed origin must start by "http://", "https://" or be "*"
(means that all origins are allowed). By default, only same origin requests are
allowed (empty list).
Expose the SockJsServiceRegistration -- if SockJS is enabled or
null otherwise -- so that it can be configured with a TaskScheduler
if the application did not provide one. This should be done prior to