diff --git a/app.py b/app.py
index 1fd301a..afb5088 100644
--- a/app.py
+++ b/app.py
@@ -238,6 +238,24 @@ def samesite_iframe_view():
     return f"iframe on {hostname}"
 
 
+@app.route("/cors", methods=["GET", "POST"])
+def cors_view():
+    """
+    View to check CORS within the cluster
+    """
+
+    if request.method == "POST":
+        headers = {}
+        enable_cors = request.args.get("enabled", "false")
+        if enable_cors == "true":
+            headers = {
+                "Access-Control-Allow-Origin": "*"
+            }
+        return Response(json.dumps({"status": "ok", "cors_enabled": enable_cors}), headers=headers)
+
+    return render_template("cors.j2")
+
+
 @app.route("/json_items", methods=["GET", "POST"])
 def items_view():
     """
diff --git a/templates/cors.j2 b/templates/cors.j2
new file mode 100644
index 0000000..8b48a90
--- /dev/null
+++ b/templates/cors.j2
@@ -0,0 +1,39 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>CORS Test</title>
+</head>
+
+<body>
+    <p>Page to check CORS between hostnames. Enter the hostname to make a XHR request to in the field and the check to
+        get the CORS headers returned or not and press the XHR button.</p>
+    <div><input id="hostname" placeholder="Hostname to make a request to" /></div>
+    <div>
+        <label for="enable_cors">Enable CORS in XHR</label>
+        <input type="checkbox" id="enableCors" checked="checked" />
+    </div>
+    <div><input type="button" id="submit" value="Send XHR" /></div>
+    <pre id="response"></pre>
+    <script type="text/javascript">
+    function submitXHR() {
+        var hostname = document.querySelector("#hostname").value || location.host;
+        var enableCORS = document.querySelector("#enableCors").checked;
+
+        // console.log(hostname, enableCORS)
+        function loadHandler () {
+            document.querySelector("#response").innerHTML = this.responseText;
+        }
+
+        var oReq = new XMLHttpRequest();
+        oReq.addEventListener("load", loadHandler);
+        oReq.open("POST", location.protocol + "//" + hostname + "/cors?enabled=" + enableCORS);
+        oReq.send();
+    }
+    document.querySelector("#submit").addEventListener("click", submitXHR);
+    </script>
+</body>
+
+</html>
\ No newline at end of file