Why, when the CORS policy plugin is used, do I get multiple
Access-Control-Allow-Origin headers in the response. From curl:
Origin:
http://blah.com
Access-Control-Allow-Origin:
http://blah.com
Access-Control-Allow-Origin: Jetty(9.2.19.v20160908)
Chrome does not like the multiple headers, so the API request fails.