Is it possible to set the HTTP Header 'Access-Control-Allow-Origin' to '*' for every request? It will permits building mashups with api data from any domain (using JS libraries from any pages, for example)
This is entirely still relevant. We've had to resort to running cors-anywhere for the past few years to get around this issue, but sure would be nice if the API itself allowed unrestricted CORS headers
Is it possible to set the HTTP Header 'Access-Control-Allow-Origin' to '*' for every request? It will permits building mashups with api data from any domain (using JS libraries from any pages, for example)