There are certain addons for almost all common web browsers to ignore these CORS-errors and allow those requests even if there is no security header present. For testing purposes in my projects I’m using the “Moesif Origin & CORS Changer” addon, which is available in the Chrome addon store. It either allows to deactivate CORS-checks as a whole or on specific web pages (e.g. localhost).