Cross-Origin Request / CORS header - Robot Web Services

I’m trying to run the example javascript client for the Robot Web Services REST API as found in the documentation:
http://developercenter.robotstudio.com/blobproxy/devcenter/Robot_Web_Services/html/_hello_controller_html_8html-example.html

I have changed the URL to the IP address of the controller:

rwServiceResource.open("GET","http://192.168.125.1/rw/system?json=1",true);

When opening the html file (from my laptop on my laptop, for development) I am getting an error in the javascript console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://192.168.125.1/rw/system?json=1. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

How should I fix this? Why doesn’t the controller API give a CORS header? I can’t serve the html from the controller right?

Oh, after posting I noticed some information in the documentation that I didn’t see earlier because of some strange behaviour of the documentation site.
It states:

• Create a folder named docs under the HOME folder on the controller.
• Copy the html file to the HOME/docs folder
• Enter the URL {controller ipaddr}/docs/HelloControllerHtml.html in a web browser. (Depending on your network; you migth need to disable the proxy in your web browser)
• For a VC type the URL http://127.0.0.1/docs/HelloControllerHtml.html in the browser

So my new question is: is there some way to serve the code outside of the controller?