Add following to HTTP Response Headers in case you get cross origin issues (for testing only ofcourse). eg. when you get Request header field Content-Type is not allowed by Access-Control-Allow-Headers.
- Access-Control-Allow-Origin: *
- Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept