The solution that I’ve been able to achieve via the guidance of an experienced ng-dev at the Google AngularJS group is this xDomain library.
The setup is very simple, simply place a proxy.html file at the root of your API, with a regex/string for an allowed origin(‘master’), and a reference to the script at the frontend, and then point to this file from your frontend script(‘master’).
It works by opening the proxy.html file in an iframe, and communicating with the CORS resource using postMessage.
Works like a charm with both $http and $resource.
You can also maintain normal functioning for normal browsers by placing the script above all JavaScript library includes:
<!--[if lte IE 9]>
<script src="https://stackoverflow.com/questions/18706208/xdomain.js" slave="http://example.org/proxy.html"></script>
<![endif]-->