Once Access-Control-Allow-Origin: *
header has been added to every response of your REST API (don't forget OPTIONS
request - see perlight request), you should be able to use it without problem with XMLHttpRequest
and debug as it was on the same server.
Under development you can also use --disable-web-security
option to launch Dartium ( see Disable same origin policy in Chrome )