When accessing Dump 1090 JSON from another web server, I found that the "Access-Control-Allow-Origin" parameter was set twice ("*, *") which Chrome objected to. By changing "add-response-header" to "set-response-header" we ensure that the correct header is sent, but never duplicated.
/etc/default/dump1090-mutability is now generated in postinst,
if it doesn't exist, from a template in /usr/share/dump1090-mutability.
Subsequently, the config file is updated in place if debconf-driven
changes are made.
Static HTML/javascript have moved to a "html" subdir to avoid exposing
the template via the webserver.
Ian Renton
Oliver Jowett