Normally to do cross-domain http bind connections, proxies or Flash are needed to get around the same origin policy for browser ajax requests. The W3C has put forward a recommendation called Cross-Origin Resource Sharing (http://www.w3.org/TR/cors/), which allows web services to authorize cross-domain requests from browsers. Firefox 3.5+, Safari, and Chrome all support this standard.
This patch adds support for OPTIONS requests, which are needed for CORS pre-flighting, and adds several CORS HTTP headers to http bind requests.
It allows browsers to make direct, cross-domain requests to mod_http_bind without the need for flash or proxies. This makes it much easier to get started with XMPP web development.