CVE-2019-18978 update rack-cors to 1.0.4

Summary

Current version of rack-cors gem 1.0.2 has directory path traversal vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2019-18978

We should update to the patched 1.0.4 version of the gem.

Part of https://gitlab.com/gitlab-org/distribution/team-tasks/issues/541