I finally managed to get what I wanted. It was not possible for me to access a remote leaderboard server from within a WebGL game hosted on itch.io. This is because of the Cross-Origin restrictions mentioned earlier. Itch.io does not supply HTTP-headers that allow these requests.
However, one can upload a html file including an iframe to a server where you host your WebGL game. Once I had that, I had to take care of some problems:
1. First I could not enter fullscreen mode from within the iframe. You have to allow this with a special attribute in your iframe tag ("allowfullscreen").
2. Although the iframe worked in Firefox, Chrome still blocked it, because the new WebGL target URL was not https. So I had to get an SSL certificate.
After that it was only a matter of styling weired iframe margins and setting up a little DB for the leader board. If someone has the same problem, he can just have a look at my source code on my ASTROPUZZ game or contact me.
It would just be great if itch.io could provide a localhost mini API where one could just save some key-value pairs. Providing a Access-Control-Allow-Origin http header would also be great. One could argue that this is not a good idea due to security concerns. But giving the possibility of iframes with virtually unlimited data flow while prohibiting Cross-Origin requests seems unnecessary to me, right?