Access-Control-Allow-Origin: "*"
Access-Control-Allow-Headers: "origin, x-requested-with, content-type"
Access-Control-Allow-Methods: "PUT, GET, POST, DELETE, OPTIONS"