Apr 27, 2017 07:17 AM|Chris Zhao|LINK
What does a proper AJAX call look like that has the access-control-allow-origin set properly?
Access-Control-Allow-Origin is a response header and should not be part of the request, your server will need to handle the request and send back the
appropriate CORS response headers. For details, see HTTP access control (CORS)