well your http server needs to allow cross origin request.
CORS errors are a security mechanism that "protects" your content from others sides to be requested via xhr.
so your server needs to say either 'this client is allowed' or '*' all clients are allowed. you still could spoof it but that's a different topic.
in general it matches the 'address url' with the own 'server name' and if it does not match the client say 'naaahhhhh sorry' unless the server says 'well you are allowed, even if it does not match'.
so you either download a cors browser plugin that spoofs/proxies the request or you configure your http server accordingly.