@jakubvrana I was able to solve it by this hack:
Install
Header Editor.
Add rule Modify response header with header name Access-Control-Allow-Origin and value https://www.windy.com.
Add a second rule Modify response header with this custom function:
let access = false;
for (let i = 0; i < val.length; i++) {
if (val[i].name == 'Access-Control-Allow-Origin') {
if (access) {
val.splice(i, 1);
}
access = true;
}
}
I don't know why both these rules are needed, the first one shouldn't be needed. However if I don't add it then the headers are not modified.