diff --git a/.changeset/clever-students-report.md b/.changeset/clever-students-report.md
new file mode 100644
index 000000000000..49cd156bf152
--- /dev/null
+++ b/.changeset/clever-students-report.md
@@ -0,0 +1,5 @@
+---
+'@sveltejs/kit': patch
+---
+
+Add `Access-Control-Allow-Origin: *` to static assets in dev
diff --git a/packages/kit/src/exports/vite/dev/index.js b/packages/kit/src/exports/vite/dev/index.js
index 6944f30dd952..ef8f28cf0702 100644
--- a/packages/kit/src/exports/vite/dev/index.js
+++ b/packages/kit/src/exports/vite/dev/index.js
@@ -236,7 +236,10 @@ export async function dev(vite, vite_config, svelte_config) {
 		dev: true,
 		etag: true,
 		maxAge: 0,
-		extensions: []
+		extensions: [],
+		setHeaders: (res) => {
+			res.setHeader('access-control-allow-origin', '*');
+		}
 	});
 
 	vite.middlewares.use(async (req, res, next) => {
diff --git a/packages/kit/test/apps/basics/test/server.test.js b/packages/kit/test/apps/basics/test/server.test.js
index 2f56b508a973..97f6bceff439 100644
--- a/packages/kit/test/apps/basics/test/server.test.js
+++ b/packages/kit/test/apps/basics/test/server.test.js
@@ -372,6 +372,8 @@ test.describe('Static files', () => {
 		response = await request.get('/subdirectory/static.json');
 		expect(await response.json()).toBe('subdirectory file');
 
+		expect(response.headers()['access-control-allow-origin']).toBe('*');
+
 		response = await request.get('/favicon.ico');
 		expect(response.status()).toBe(200);
 	});