Are you using jQuery? If so, requests that fail because of the CORS header issue will resolve the "fail" path of the promise. For example,
$.getJSON('http://developer.echonest.com/api/v4/artist/profile',
{api_key:"demo", name:"weezer"})
.then(function(){console.log("success!", arguments);},
function(){console.log("failure :(", arguments);});
Will print out
failure :( [Object, "error", ""]
In the console.
This is the appropriate way to handle potential errors coming back from our API. Success will always have a CORs header, but failures can potentially come from several different places, and in several different guises. Handling the case where your Deferred is rejected is the best way to catch everything.