Hi,
for the sake of interoperability the CORS header on the webproxy should be set. Also see at the end of this page: http://iiif.io/technical-details/
compare
# curl -v 'https://iiif.manducus.net/manifests/0001/Q1028282/manifest.json' ... < Access-Control-Allow-Origin: * ...
with
curl -v 'https://iiils1.wmflabs.org2/manifest.json'
Adding this to the nginx conf seems to be sufficient:
add_header 'Access-Control-Allow-Origin' '*';
Thanks!
Leander aka Manducus