According to the browser security model, you can only access resources from another origin (i.e. from another domain or using a different protocol) if the resource server authorizes such a request (provides proper CORS response headers). There are following solutions that you might consider:
If you don’t have access to the resource server headers, but you are able to create an html page on this resource server (i.e. dropbox, google drive), then you can embed it in a hidden iframe on the WebGL content page. Such an iframe will be able to download the resources using XMLHttpRequest and transfer them back to the WebGL application on the main page. You can use postMessage for page interaction and jslib plugin for interaction with the WebGL application (http://docs.unity3d.com/Manual/webgl-interactingwithbrowserscripting.html)
If you are able to setup a proxy (i.e. a simple php or node.js proxy) on the server where your WebGL content is hosted, then you can just perform WWW requests through this proxy (actual cross-domain requests will be performed by the proxy, while browser only accesses a resource from the same domain). If the proxy is setup on another domain, then it should append proper CORS to the response (more info here http://forum.unity3d.com/threads/online-image-texture-load-fails-in-webgl-no-access-control-allow-origin-header.385628/)