Enable to edit the CORS allow methods from environment variables

[ubi15]

Hi, I am loving titiler and I tried to use it in a backend queried via a web-app.

One feature I was planning to use was to query the statistics in a set of h3 hexagons from a react app (using deck.gl).

I then encountered CORS error and sequential unprocessable entity errors (HTTP error 422).

After a day of banging my head on the wall I realized that titiler only expose the GET method as allowed for CORS options request.

I am creating a pull request on this including a three-lines change to allow users to allow also the POST method by setting TITILER_API_CORS_ALLOW_METHODS='GET,POST'.

I know about the ongoing discussion on whether or not to include this middleware in the default application. I am ok with my contribution being rejected if it is not in line with your ideas.

However, I would have saved a day of development if this option were available and documented and it might be help other people not expert in HTTP request to quickly test and deploy their own titiler backend.