As a security feature, AJAX prevents calls to resources that lives outside the current origin. Which means you can’t provide a service exposed by Web API to some origin. However, if you want to allow legitimate acces to a resource, this is where Cross Origin Resources (CORS) come in place.
CORS or Cross Engine Resource Sharing is a W3C standard that deals with the mechanism for making AJAX calls across various origins. ASP.NET Web API Supports CORS comes in the form of System.Web.Cors and System.Web.Http.Cors.
Read the rest of the post here:Â http://www.codeguru.com/csharp/.net/net_asp/using-cross-origin-resource-sharing-cors-in-asp.net-web-api.html