diff --git a/server/node_modules/cors-anywhere/lib/cors-anywhere.js b/server/node_modules/cors-anywhere/lib/cors-anywhere.js
index 7563e0ea..335fc8b3 100755
--- a/server/node_modules/cors-anywhere/lib/cors-anywhere.js
+++ b/server/node_modules/cors-anywhere/lib/cors-anywhere.js
@@ -226,7 +226,7 @@ var getHandler = exports.getHandler = function(options, proxy) {
   };
 
   return function(req, res) {
-    if(req.headers.referer && req.headers.referer.substring(0,15) !== "https://zoff.no")
+    if(req.headers.referer && !(req.headers.referer.substring(0,15) === "https://zoff.no" || req.headers.referer.substring(0,14) === "http://zoff.no"))
     {
       res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed");
       res.end();