diff --git a/superset/config.py b/superset/config.py
index 0752b5a943bd..ada28ab9fdc1 100644
--- a/superset/config.py
+++ b/superset/config.py
@@ -749,8 +749,14 @@ class D3Format(TypedDict, total=False):
 STORE_CACHE_KEYS_IN_METADATA_DB = False
 
 # CORS Options
-ENABLE_CORS = False
-CORS_OPTIONS: dict[Any, Any] = {}
+ENABLE_CORS = True
+CORS_OPTIONS: CORS_OPTIONS = {
+  'supports_credentials': True,
+  'allow_headers': ['*'],
+  'expose_headers': ['*'],
+  'resources':['*'],
+  'origins': ['*']
+}
 
 # Sanitizes the HTML content used in markdowns to allow its rendering in a safe manner.
 # Disabling this option is not recommended for security reasons. If you wish to allow