diff --git a/services/upload/uploadService.js b/services/upload/uploadService.js
index e432c11c..8bf44e2c 100644
--- a/services/upload/uploadService.js
+++ b/services/upload/uploadService.js
@@ -60,7 +60,7 @@ app.use(function (req, res, next) {
         res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, x-xsrf-token');
         next();
     } else {
-        res.header('Access-Control-Allow-Origin', '*');
+        res.header('Access-Control-Allow-Origin', req.headers.origin);
         res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
         next();
     }