This post is more than 2 years old.
I've got a CFC with 2 simple methods. Don't worry about what they do - they are just samples. To allow for CORS, you can add one simple header to your code. Unfortunately, you can't do cfheader in script-based CFCs. Therefore I made a new file, head.cfm, with one line:
Obviously if you use tag-based CFCs this won't be a problem. Also note you can move that include (or the tag) into a method to enable CORS only for some methods and not others.
Hope this helps!