如何修复Java脚本中的cors策略已被api阻止

Question

我正在使用html创建登录页面，而我登录的api是REST API（django）。 在运行时，它表明cors策略已被阻止。如何解决这个错误？ 我必须更改一些Java脚本或API。

 var username=document.getElementById('UserName').value;
                var password=document.getElementById('Password').value;

            var http = new XMLHttpRequest();
            var url = 'https://creativedsapi.kdns.in/hrapi/login';

            var params={

"username":username,
"password":password
};
                http.open('POST', url, true);

            //Send the proper header information along with the request
            http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
            http.setRequestHeader("Content-Type", "application/json");
            http.onreadystatechange = function() {//Call a function when the state changes.
                if(http.readyState === 4 && http.status === 200) {
                alert(http.responseText);

                }
            }
            http.send(JSON.stringify(params));