Is there a way to allow multiple cross-domains using the Access-Control-Allow-Origin header? I'm aware of the *, but it is too open. I really want to allow just a couple domains. As an example, something like this: Access-Control-Allow-Origin: http://domain1.example, http://domain2.example I have tried the above code but it does not seem to work in Firefox. Is it possible to specify multiple domai