Seriously. Without cors, js on any site you visit can make requests as you to anywhere. The only thing protecting you would be security through obscurity.
I also want this, but only to run my own apps which I build for my private use. If you don't assume the user is incompetent, you could build a secure browser that provides permission prompts to opt out of cors.
It should be safer if it doesn't send cookies, but you can still get in trouble for "hacking" because you visited a website that contained code that sent "hacking" requests to another website.