I edited Restler Defaults.php for this:
/**
* @var bool enables CORS support
*/
public static $crossOriginResourceSharing = true;
public static $accessControlAllowOrigin = 'http://localhost';
public static $accessControlAllowMethods = 'GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD';
And that works for my testing from local Web server using JavaScript fetch to my remote REST API.
How can I add an additional domain?