There are certain addons for almost all common web browsers to ignore these CORS-errors and allow those requests even if there is no security header present. For testing purposes in my projects I’m using the “Moesif Origin & CORS Changer” addon, which is available in the Chrome addon store. It either allows to deactivate CORS-checks as a whole or on specific web pages (e.g. localhost).
To get rid of pop-ups and pop-unders on your computer, add an extension of plugin to your Web browser called a pop-up blocker. The four major Web browsers -- Chrome, Firefox, Internet Explorer and Opera -- all have plugins to stop pop-ups in their tracks.