There comes a time in developers life when he gets sh* load of:
XMLHttpRequest cannot load http://api.com. Origin http://api.com is not allowed by Access-Control-Allow-Origin.
Then you can do
./Applications/Google Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security
Or you can add header to your api.com responses with
And then in your time you can also read... http://www.w3.org/TR/cors/#access-control-allow-origin-response-header