In order to get it done, you have to configure server.conf setting crossOriginSharingPolicy = http://localhost:8000 change to match yours. Following code was fine to me in the JS.
But if you are trying to consume the webservice from SplunkWeb to Splunkd, I strongly recommend you to expose the endpoint in your web.conf and the acces it through localhost:8000/en-US/splunkd/__raw/services/custom_service in order to avoid CORS headers problems.
For web.conf
[expose:echo_persistent]
methods = POST
pattern = echo_persistent
This code was fine to me
var text = $("#text").val();
var xhr = new XMLHttpRequest();
xhr.open('POST', '/en-US/splunkd/__raw/services/custom_service', true);
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
xhr.setRequestHeader('X-Splunk-Form-Key', document.cookie.match(/splunkweb_csrf_token_8000=(\d+)/)[1]);
xhr.send(text);
You can search for splunk_rest_examples for further information.
... View more