How to handle and set CORS in TMS Webcore client ?

Hi , 

i ran into this error in my Browser console ...

Access to XMLHttpRequest at 'http://localhost:8080/api/auth/token?db=v10c_demo_gotdata1&login=admin&password=admin1' from origin 'http://localhost:8000' has been blocked by CORS policy: The response is invalid.

and i referred to your comments in 

and have checked
but have no clues about what to do with the TMS Webcode , TMSWebconnection component's properties "Headers"

my Questions is how to set the value inside the headers ? 
can you give some sample ?

mine , the headers value inside is BLANK , is that why it gave errors for the CORS ?
really no clues what to do with CORS and how it effected my apps...

Thanks for advising .

You enable CORS server-side, not client-side. It's your server that should handle it, and should be straightforward.

Which server framework you use? Also, sending user name and password in plain text in URL is a big security issue...

Hi , i am really not good in web and http response , this is what i got ,see if it helps you to give me advice ?

1. if i put this in my browser URL ,

 the server responded with 

Your server is probably not sending the CORS headers in the 401 response.

Again, what is your server written with? Is it a framework or developed in-house?

yes, it is written using python werkzeug WSGI , the complete respond is as

follow ,

def invalid_response(typ, message=None, status=400):
    """Invalid Response
    This will be the return value whenever the server runs into an error
    either from the client or the server."""
    return werkzeug.wrappers.Response(
        content_type='application/json; charset=utf-8',
            'type': typ,
            'message': message if message else 'wrong arguments (missing validation)',

so it is something wrong with my respond from server above ?