Allow access to arduino webserver: invocation issue

A webserver needs to get access to a ESP8266 webserver to collect json formatted data. For security reasons this is not allowed.
the formal way to give access is here: [ Cross-domain Ajax with Cross-Origin Resource Sharing - Human Who Codes

My code:

void writeResponse(WiFiClient& client, JsonObject& json) {
  client.println("HTTP/1.1 200 OK");
  client.println("Content-Type: application/json");
  client.println("Access-Control-Allow-Origin: *"); // Access-Control Origin allows every body to access this server see:
  client.println("Connection: close");


As a starter I have given "everybody access ("Access-Control-Allow-Origin: *"

The code in my web is as follows:

function callOtherDomain(){
  'GET', url, true);
            invocation.onreadystatechange = handler;
            document.getElementById("id4").innerHTML = "no response ";

Is there anybody with experience is this field who could give me advice?
](Cross-domain Ajax with Cross-Origin Resource Sharing - Human Who Codes)

jsonp is an easier way to get around the cross-domain restrictions all modern browsers have. See JSONP - Wikipedia as a starting point followed by for some code.

You will have to modify your ESP8266 code a little to play nicely though - the ESP8266 needs to return valid javascript function rather than JSON. This page seems to have working ESP8266 code to return the correct format: