The "405 Method not allowed" response is because your browser is doing a "preflight" OPTIONS method request via angular $http and your server doesn't support it. There are a bunch of prerequisite responses to enable CORS. If you have access to the server, you can add support for it. One option is to use nginx as a front-end proxy with this kind of configuration:
http://enable-cors.org/server_nginx.html
Read the comments--they are really informative.
Also: see "Preflighted Requests" here: https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS