diff --git a/src/main/java/com/kiisoo/ic/config/CorsFilter.java b/src/main/java/com/kiisoo/ic/config/CorsFilter.java
index fa89322..301de52 100644
--- a/src/main/java/com/kiisoo/ic/config/CorsFilter.java
+++ b/src/main/java/com/kiisoo/ic/config/CorsFilter.java
@@ -4,6 +4,7 @@ import org.springframework.context.annotation.Configuration;
 
 import javax.servlet.*;
 import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
@@ -13,11 +14,12 @@ public class CorsFilter implements Filter {
     @Override
     public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws ServletException, IOException {
         HttpServletResponse response = (HttpServletResponse) res;
-        response.setHeader("Access-Control-Allow-Origin","*");
+        HttpServletRequest httpServletRequest = (HttpServletRequest) req;
+        response.setHeader("Access-Control-Allow-Origin",httpServletRequest.getHeader("Origin"));
         response.setHeader("Access-Control-Allow-Credentials", "true");
         response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT");
         response.setHeader("Access-Control-Max-Age", "3600");
-        response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
+        response.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
         chain.doFilter(req, res);
     }
 }