diff --git a/main/webserver.cpp b/main/webserver.cpp
index a9bc32b..5c79fd6 100644
--- a/main/webserver.cpp
+++ b/main/webserver.cpp
@@ -70,6 +70,7 @@ esp_err_t webserver_reboot_handler(httpd_req_t *req)
 
 esp_err_t webserver_status_handler(httpd_req_t *req)
 {
+    httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
     espcpputils::LockHelper helper{webserver_lock->handle, std::chrono::ceil<espcpputils::ticks>(5s).count()};
     if (!helper.locked())
     {
@@ -78,8 +79,6 @@ esp_err_t webserver_status_handler(httpd_req_t *req)
         CALL_AND_EXIT(esphttpdutils::webserver_resp_send, req, esphttpdutils::ResponseStatus::BadRequest, "text/plain", msg);
     }
 
-    std::string body;
-
     std::string wants_json_query;
     if (auto result = esphttpdutils::webserver_get_query(req))
         wants_json_query = *result;
diff --git a/main/webserver_displaycontrol.cpp b/main/webserver_displaycontrol.cpp
index 379aa81..6f18142 100644
--- a/main/webserver_displaycontrol.cpp
+++ b/main/webserver_displaycontrol.cpp
@@ -32,13 +32,14 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
     const auto key_result = httpd_query_key_value(wants_json_query.data(), "json", tmpBuf, 256);
     if (key_result == ESP_OK && (tmpBuf == stringSettings.webserver_password || stringSettings.webserver_password.empty()))
     {
+        httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
         body += "{";
         if (auto currentDisplay = static_cast<const espgui::Display *>(espgui::currentDisplay.get()))
         {
             body.reserve(4096);
             if (const auto *textInterface = currentDisplay->asTextInterface())
             {
-                body += fmt::format("\"name:\"{}\",", textInterface->text());
+                body += fmt::format("\"name\":\"{}\",", textInterface->text());
             }
 
             if (const auto *menuDisplay = currentDisplay->asMenuDisplay())
@@ -46,7 +47,7 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
                 body += fmt::format("\"index\":{},\"items\":[", menuDisplay->selectedIndex());
                 menuDisplay->runForEveryMenuItem([&,selectedIndex=menuDisplay->selectedIndex()](const espgui::MenuItem &menuItem){
                     body += "{";
-                    body += fmt::format("\"name\":\"{}\",\"icon\":\"{}\"", menuItem.text(), menuItem.icon()->name);
+                    body += fmt::format("\"name\":\"{}\",\"icon\":\"{}\"", menuItem.text(), (menuItem.icon()) ? menuItem.icon()->name : "");
                     body += "},";
                 });
                 body += "],";
@@ -68,6 +69,7 @@ esp_err_t webserver_root_handler(httpd_req_t *req)
     }
     else if (tmpBuf != stringSettings.webserver_password)
     {
+        httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
         CALL_AND_EXIT(esphttpdutils::webserver_resp_send, req, esphttpdutils::ResponseStatus::Unauthorized, "text/plain", "");
     }
     else
diff --git a/main/webserver_dumpnvs.cpp b/main/webserver_dumpnvs.cpp
index 1fe4afb..601b563 100644
--- a/main/webserver_dumpnvs.cpp
+++ b/main/webserver_dumpnvs.cpp
@@ -113,6 +113,7 @@ showInputForSetting(std::string_view key, T value, JsonObject &body)
 
 esp_err_t webserver_dump_nvs_handler(httpd_req_t *req)
 {
+    httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
     espcpputils::LockHelper helper{webserver_lock->handle, std::chrono::ceil<espcpputils::ticks>(5s).count()};
     if (!helper.locked())
     {
diff --git a/main/webserver_ota.cpp b/main/webserver_ota.cpp
index a5cc84e..d5b495e 100644
--- a/main/webserver_ota.cpp
+++ b/main/webserver_ota.cpp
@@ -33,23 +33,17 @@ esp_err_t webserver_ota_percentage_handler(httpd_req_t *req)
     }
 
     char tmpBuf[256];
+    httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
     const auto key_result = httpd_query_key_value(wants_json_query.data(), "json", tmpBuf, 256);
     if (key_result == ESP_OK && (tmpBuf == stringSettings.webserver_password || stringSettings.webserver_password.empty()))
     {
         body += "{";
         if (asyncOta)
         {
-            if (const auto &appDesc = asyncOta->appDesc())
-            {
-                const auto progress = asyncOta->progress();
-                const auto totalSize = asyncOta->totalSize();
+            const auto progress = asyncOta->progress();
+            const auto totalSize = asyncOta->totalSize();
 
-                body += fmt::format("\"cur_ota_percent\":\"{}\",", (totalSize && *totalSize > 0) ? fmt::format("{:.02f}", float(progress) / *totalSize * 100) : "?");
-            }
-            else
-            {
-                body += "\"err\":\"Could not access asyncOta->appDesc()\",";
-            }
+            body += fmt::format("\"cur_ota_percent\":\"{}\",", (totalSize && *totalSize > 0) ? fmt::format("{:.02f}", float(progress) / *totalSize * 100) : "?");
         }
         else
         {
@@ -91,6 +85,7 @@ esp_err_t webserver_ota_handler(httpd_req_t *req)
     const auto key_result = httpd_query_key_value(wants_json_query.data(), "json", tmpBuf, 256);
     if (key_result == ESP_OK && (tmpBuf == stringSettings.webserver_password || stringSettings.webserver_password.empty()))
     {
+        httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
         body += "{";
 
         if (const esp_app_desc_t *app_desc = esp_ota_get_app_description())
@@ -143,6 +138,7 @@ esp_err_t webserver_ota_handler(httpd_req_t *req)
     }
     else if (tmpBuf != stringSettings.webserver_password)
     {
+        httpd_resp_set_hdr(req, "Access-Control-Allow-Origin", "*");
         CALL_AND_EXIT(esphttpdutils::webserver_resp_send, req, esphttpdutils::ResponseStatus::Unauthorized, "text/plain", "");
     }
     else