How do I set up Sinatra so that static files in the public folder are returned with the response Access-Control-Allow-Origin = "*" ?

Have a look at this question here: Sinatra OPTIONS HTTP Verb. It's implemented in sinatra now so you don't have to hack around it.

If that doesn't help take a look at this blog post: Cross Origin Resource Sharing with Sinatra, and its repo at github: sinatra-corss_origin

Although the simplest way to do it should work just by adding this:

response['Access-Control-Allow-Origin'] = 'http://whatever.org'

before the return value in your route.

get '/foo' do
  headers 'Access-Control-Allow-Origin' => 'http://example.com'
  'hello world'
end

There's also a nice extension for cross origin sharing:

https://github.com/britg/sinatra-cross_origin

require 'sinatra'
require 'sinatra/cross_origin'

# To enable cross origin requests for all routes:
configure do
  enable :cross_origin
end

# To only enable cross origin requests for certain routes:
get '/cross_origin' do
  cross_origin
  "This is available to cross-origin javascripts"
end

I did this on a server side, my file was called server.rb:

before do
   content_type :json    
   headers 'Access-Control-Allow-Origin' => '*', 
            'Access-Control-Allow-Methods' => ['OPTIONS', 'GET', 'POST']  
end