diff --git a/server/monitor.go b/server/monitor.go
index 64a8259d..ceb82a9a 100644
--- a/server/monitor.go
+++ b/server/monitor.go
@@ -2342,6 +2342,7 @@ func ResponseHandler(w http.ResponseWriter, r *http.Request, data []byte) {
 	} else {
 		// Otherwise JSON
 		w.Header().Set("Content-Type", "application/json")
+		w.Header().Set("Access-Control-Allow-Origin", "*")
 		w.Write(data)
 	}
 }
diff --git a/server/monitor_test.go b/server/monitor_test.go
index 8b5735dc..c6e13f6c 100644
--- a/server/monitor_test.go
+++ b/server/monitor_test.go
@@ -157,7 +157,14 @@ func readBodyEx(t *testing.T, url string, status int, content string) []byte {
 	}
 	ct := resp.Header.Get("Content-Type")
 	if ct != content {
-		stackFatalf(t, "Expected %s content-type, got %s\n", content, ct)
+		stackFatalf(t, "Expected %q content-type, got %q\n", content, ct)
+	}
+	// Check the CORS header for "application/json" requests only.
+	if ct == appJSONContent {
+		acao := resp.Header.Get("Access-Control-Allow-Origin")
+		if acao != "*" {
+			stackFatalf(t, "Expected with %q Content-Type an Access-Control-Allow-Origin header with value %q, got %q\n", appJSONContent, "*", acao)
+		}
 	}
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {