This simple extension adds the Cross Origin Resource Sharing (CORS) Access-Control- HTTP headers to responses to allow cross domain calls. The feature can be toggled on/off with a button in the status bar and headers can be customized in about:config/forcecors.headers.

Warning: This extension essentially disables the browser's same origin policy which has serious security ramifications. Don't use it if you don't know what you're doing.