The creator of Flask, Armin Ronacher, has a snippet here to handle cross origin requests in Flask. This works great if you are not using Chrome and testing from localhost. To get this decorator to work on Chrome from localhost, add the following header.

h['Access-Control-Allow-Headers']  = (
    'Cache-Control, Pragma, Origin, Authorization,'
    'Content-Type, X-Requested-With'
)