*
* This check is for cross site scripted GET and POST requests.
*/
final Headers headers = http.getRequestHeaders();
final URI request = http.getRequestURI();
if (headers.containsKey(ORIGIN)) {
String origin = headers.getFirst(ORIGIN);
String host = headers.getFirst(HOST);
String protocol = http.getHttpContext().getServer() instanceof HttpsServer ? HTTPS : HTTP;
//This browser set header should not need IPv6 escaping
String allowedOrigin = protocol + "://" + host;