It's not about 'How' you do something but 'Why' you do is important.
Access-Control-Allow-Origin header is used by the server to tell the browser if the
CORS [
^](Cross-Origin Resource Sharing) is allowed or not.
Thus, you don't set it from the client but your web server needs to add it in the response.
By the way, here is nice article on CORS.
http://www.html5rocks.com/en/tutorials/cors/[
^]