How are we supposted to handle CORS with a non-hosted app?

Hello,

We are trying to understand how to make cross origin requests work with a packaged(installed) app on WebOS. I can only find basic documentation telling us that WebOS follows standard CORS practices.
As far as I can understand, this means the server should send back an Access-Control-Allowed-Origin header for our domain. We cannot just expose a wildcard, so setting this to Access-Control-Allowed-Origin: * is not an option for us. The problem is that we cannot map it to an Origin either. When running as an installed app, WebOS does not seem to send any origin header at all. So we have nothing to map to on the server side.
Is there a way to set an origin somehow, perhaps to out webos package name or something similar, or is there some other way to handle this?

Thank you!

Packaged web apps are installed locally, so they do not have a CORS origin. To serve your app as a packaged web app, please package it including all app resources. For more information, please refer to Web App Types. Thank you.

The issue is that we cannot execute HTTP post/get requests to an external API without adding a wildcard Access-Control-Allowed-Origin response header on that server.

As mentioned above, packaged web apps are installed and runs locally. To execute HTTP requests, please use a hosted web app. Thank you.