I created a test scripted rest API and trying to call that from the javascript. However, I am getting the following error message. However, I don't get any error when I call that URL from POSTMan. 

ScriptedRESTaspx.aspx:1 Access to XMLHttpRequest at 'https://dev60000.service-now.com/api/x_43436_gmail/sayhello/Hello/Bob' from origin 'http://localhost:27586' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

here is the script that I am trying to run.

<%@ Page Language="VB" AutoEventWireup="false" CodeFile="ScriptedRESTaspx.aspx.vb" Inherits="ScriptedRESTaspx" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
<title></title>
</head>
<body>
<form id="form1" runat="server">
<div>
<script type="text/javascript">
function sayHello() {
var requestBody = "";

var client = new XMLHttpRequest();

client.open("get", "https://dev60000.service-now.com/api/x_43436_gmail/sayhello/Hello/Bob");

client.setRequestHeader('Accept', 'application/json');
client.setRequestHeader('Content-Type', 'application/json');

//Eg. UserName="admin", Password="admin" for this code sample.
client.setRequestHeader('Authorization', 'Basic ' + btoa('*****' + ':' + '******'));

client.onreadystatechange = function () {
if (this.readyState == this.DONE) {
document.getElementById("demo").innerHTML = this.status + this.response;
}
};
client.send(requestBody);

}

</script>
</div>
</form>
<p id="demo">Click the button to change the text in this paragraph.</p>

<%--<p>
<textarea id="TextArea1" cols="20" name="S1" rows="2"></textarea></p>--%>
<p>
<input id="Button1" type="button" value="button" onclick="sayHello()"/></p>
</body>
</html>