The Cross-Origin Resource Sharing standard works by adding new HTTP
headers that allow servers to describe the set of origins that are
permitted to read that information using a web browser. Additionally,
for HTTP request methods that can cause side-effects on user data (in
particular; for HTTP methods other than GET,or for POST usage with
certain MIME types). The specification mandates that browsers
“preflight” the request,soliciting supported methods from the server
with an HTTP OPTIONS request header,and then,upon “approval” from
the server,sending the actual request with the actual HTTP request
method. Servers can also notify clients whether “credentials”
(including Cookies and HTTP Authentication data) should be sent with
requests.

很难提供一个适用于所有WWW服务器的通用解决方案，因为设置将根据您打算支持的服务器本身和HTTP动词而有所不同。我建议您阅读这篇有关需要由服务器发送的确切标题的更多详细信息的优秀文章(http://www.html5rocks.com/en/tutorials/cors/)。