The instructions say:
The file should be served with:
Content-Type: application/json
CORS: Access-Control-Allow-Origin: *
I have no idea how to ensure these conditions, nor even how to verify them, not being a Web developer. From my point of view, my Web site is a directory on some server, into which I copy files via scp. I have a human.json there, but no control over how it is served.
Are there simple recipes for known-to-work setups? If so, it would be helpful to mention them.