For use in web browsers, did:web providers may need to set headers in the HTTP response for the DID document, for Cross-Origin Resource Sharing (CORS).

To enable any web origin to resolve the DID, the DID Document HTTP response can include the following header:
Access-Control-Allow-Origin: *

cc @sbihel

+1 on CORS to facilitate browser access.

@OR13 does this in #25 for w3did.org.