Have you tried adding the Access-Control-Allow-Origin:* to the header?
Older versions of Phonegap have a blocklist of URLs as well. Try adding your server to the allowed domains.
You can find a guide to add your domain to the whitelist here:
http://docs.phonegap.com/en/2.6.0/guide_whitelist_index.md.html#Domain%20Whitelist%20Guide