When making request from other website (eg: from https://example1.com to https://example2.sg), it reported error of CORS (not allow, or missing headers in the preflight response), the following code applied on the server code works (python code in this case, in the https://example1.com):

@app.after_request
def apply_caching(response):
    response.headers["X-Frame-Options"] = "SAMEORIGIN"
    response.headers["Access-Control-Allow-Origin"] = "*"
    response.headers["Access-Control-Allow-Headers"] = "Access-Control-Allow-Origin,access-control-allow-origin,Access-Control-Allow-Headers,Content-Type"
    return response

@app.route('/healthz')
def home():
    status=200
    response = make_response(
                jsonify(
                    {"message": 'Hello from ABC DEF!'}
                ),
                status,
            )
    return apply_caching(response)