Access-Control-Allow-Origin missing on the first response
"Access-Control-Allow-Origin" is a response header, not a request header. It is returned by a HTTP server when a HTTP client sends a request with an OPTION method. For example, the ajax API in browsers sends an OPTION request before trying a POST request when the targeted URL is not the current page URL (see Cross Origin Resource Sharing issue). This OPTION request contains the "Origin" header which holds the current page beginning of URL (scheme + domain). The Ajax API will send the POST request only if the response contains the header "Access-Control-Allow-Origin" with a URL matching the main page one.
You only need to worry about such headers if you want to access dynamic content from another server than the one serving the current page. It doesn't seem to be your case here.
For more information about CORS, see this wikipedia page: https://en.wikipedia.org/wiki/Cross-origin_resource_sharing
If there is also AngularJS tag, let me suggest you not to load html templates but compile them all into one JS file (for example with html2js grunt plugin)