You'll need to read up on the CORS protocol.
I wrote a blog post a while back about implementing CORS. It's based on the use of the Spring framework (specifically Spring Boot), not the Servlet API directly, but it does have a fairly extensive explanation of how CORS works.
Your specific problem is that you are only handling POSTs.
The CORS protocol involves the web browser making an OPTIONS request to your server.
It is this OPTIONS request that must have the Access-Control-Allow-Origin and related headers returned in the response.
If the browser sees those headers in the response, it will then do the POST.
If it does not see those headers in the response to the OPTIONS request, you'll get an HTTP error, reading something like "No 'Access-Control-Allow-Origin' header is present on the requested resource", and the POST request will not be made.
