[zackify]

just use this https://cors-anywhere.herokuapp.com/

or just set all your cors headers to * on your server

[user5994461]

* is blocked by most browsers to avoid lazy developers putting their site wild open to abuse.

[411111111111111]

At least Chrome and Firefox don't block it. I've recently used something similar as an add-on until I did exactly what he said: manually setting a cors * header for that internal development server

[zackify]

Chrome and Firefox do not.

If that’s really the case with your browser.... set it to request.origin, so it’s always valid haha

[timvdalen]

Isn't that just begging for legal trouble?

[quickthrower2]

Is that a MITM?