[411111111111111]

At least Chrome and Firefox don't block it. I've recently used something similar as an add-on until I did exactly what he said: manually setting a cors * header for that internal development server