For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts (e.g. AJAX request). For below scenario, we need to modify the HTTP response headers:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS