When a browser detects a cross-origin request, it performs a "preflight" check (using the OPTIONS method) or checks response headers. If the server does not return the correct headers, the browser blocks the response from being accessed by the client script.

For a quick, toggleable solution, you can use specialized extensions from the Chrome Web Store. These work by automatically injecting the necessary headers (like Access-Control-Allow-Origin: * ) into server responses.