diff --git a/server/middleware/cors.ts b/server/middleware/cors.ts
index 740e9fc..b797738 100644
--- a/server/middleware/cors.ts
+++ b/server/middleware/cors.ts
@@ -1,14 +1,8 @@
 export default defineEventHandler((event) => {
-    event.headers.append('Access-Control-Allow-Origin', 'https://tueitapp.tueit.de');
-    event.headers.append('Access-Control-Allow-Headers', 'content-type');
-    event.headers.append('Access-Control-Allow-Methods', 'OPTIONS,GET,HEAD,PUT,PATCH,POST,DELETE');
-    // event.headers.append('Access-Control-Allow-Credentials', 'true');
-    // event.headers.append('Access-Control-Options', 'true');
-    // event.headers.append('Access-Control-Expose-Headers', 'Content-Length,Content-Range');
-    // event.headers.append('Access-Control-Max-Age', '600');
-    // event.headers.append('crossOriginResourcePolicy', 'same-origin');
-    // event.headers.append('crossOriginOpenerPolicy', 'same-origin');
-    // event.headers.append('crossOriginEmbedderPolicy', 'require-corp');
-    // event.headers.append('contentSecurityPolicy', "default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests");
-    // event.headers.append('X-XSS-Protection', '1');
+ 
+    if (event.method === 'OPTIONS') {
+      event.node.res.statusCode = 204;
+      event.node.res.statusMessage = "No Content";
+      return 'OK'
+    }
 })