diff --git a/play.pokemonshowdown.com/.htaccess b/play.pokemonshowdown.com/.htaccess
index c13cd53b1..4600bd714 100644
--- a/play.pokemonshowdown.com/.htaccess
+++ b/play.pokemonshowdown.com/.htaccess
@@ -13,6 +13,11 @@ AddType application/x-web-app-manifest+json .webapp
   </ifModule>
 </filesMatch>
 
+<filesMatch "colors\.json$">
+    Header set Access-Control-Allow-Origin "*" 
+    Header set Access-Control-Allow-Methods "GET,POST,OPTIONS"
+</filesMatch>
+
 <IfModule mod_rewrite.c>
 RewriteEngine on
 
@@ -94,6 +99,8 @@ RewriteRule ^(.*) https://play.pokemonshowdown.com/$1 [R=301,L]
 RewriteRule ^style/fonts?/.*?\.(eot|svg|ttf|woff|woff2)$ - [E=SAFE_RESOURCE:1]
 RewriteRule ^data\/.*\.js(?:on)?$ - [E=SAFE_RESOURCE:1]
 Header set Access-Control-Allow-Origin * env=SAFE_RESOURCE
+Header set Access-Control-Allow-Methods "GET,POST,OPTIONS"
+Header set Access-Control-Allow-Headers "Content-Type, X-Requested-With"
 
 # Redirect old battles to their corresponding replay
 # RewriteCond %{HTTP_HOST} ^play\.pokemonshowdown\.com$ [NC]