diff --git a/app/common/Middleware/Cors.php b/app/common/Middleware/Cors.php
index f811fe7..9b52a43 100644
--- a/app/common/Middleware/Cors.php
+++ b/app/common/Middleware/Cors.php
@@ -15,7 +15,7 @@ class Cors {
 
     $response = $handler->handle($request);
 
-    $response = $response->withHeader('Access-Control-Allow-Origin', 'http://localhost:8080,http://localhost:8081');
+    $response = $response->withHeader('Access-Control-Allow-Origin', '*');
     $response = $response->withHeader('Access-Control-Allow-Methods', implode(',', $methods));
     $response = $response->withHeader('Access-Control-Allow-Headers', $requestHeaders);
     //$response = $response->withHeader('Access-Control-Allow-Credentials', 'true');
diff --git a/app/docker/nginx.conf b/app/docker/nginx.conf
index e6390d9..38932c1 100644
--- a/app/docker/nginx.conf
+++ b/app/docker/nginx.conf
@@ -10,7 +10,7 @@ server {
     try_files $uri /index.php$is_args$args;
   }
 
-  add_header 'Access-Control-Allow-Origin' 'http://localhost:8080';
+  add_header 'Access-Control-Allow-Origin' "$http_origin";
   add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE,OPTIONS';
   add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
   add_header 'Content-Type' 'application/json';