EDIT: Yay! Looks like GitHub Pages now supports CORS: https://twitter.com/invisiblecomma/status/575219895308324864
This can be verified by curling a request to enable-cors.org (which is hosted on GitHub Pages). Running this command: curl -v enable-cors.org > /dev/null returns an Access-Control-Allow-Origin: * header.
There’s no way to support CORS on GitHub Pages, though I’d love to see this feature. We host http://enable-cors.org on GitHub Pages, and we can’t enable CORS on the site itself 🙂
Update
As noted by @Styx GitHub Pages now always redirect to HTTPS. So if you want to confirm for yourself that all origins are allowed, for a particular site using GitHub pages, try curl with -L (to follow the redirects that are involved). E.g.:
$ curl -vL square.github.io/okhttp 2>&1 | fgrep -i access-control-allow-origin