diff --git a/cmd/propagation_simulator/cors.go b/cmd/propagation_simulator/cors.go
new file mode 100644
index 0000000..bf16aaa
--- /dev/null
+++ b/cmd/propagation_simulator/cors.go
@@ -0,0 +1,20 @@
+package main
+
+import "net/http"
+
+func allowCORS(fn func(w http.ResponseWriter, r *http.Request)) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if origin := r.Header.Get("Access-Control-Allow-Origin"); origin == "" {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+		}
+		w.Header().Set("Access-Control-Allow-Headers", "*")
+		if origin := r.Header.Get("Origin"); origin != "" {
+			if r.Method == "OPTIONS" && r.Header.Get("Access-Control-Request-Method") != "" {
+				// set preflight options
+				return
+			}
+		}
+
+		fn(w, r)
+	}
+}
diff --git a/cmd/propagation_simulator/main.go b/cmd/propagation_simulator/main.go
index 7ddc61f..5d0e877 100644
--- a/cmd/propagation_simulator/main.go
+++ b/cmd/propagation_simulator/main.go
@@ -25,7 +25,7 @@ func main() {
 
 	if *server {
 		log.Println("Starting simulator server on", *serverAddr)
-		http.HandleFunc("/", simulationHandler)
+		http.HandleFunc("/", allowCORS(simulationHandler))
 		log.Fatal(http.ListenAndServe(*serverAddr, nil))
 		return
 	}