diff --git a/server/node_modules/cors-anywhere/lib/cors-anywhere.js b/server/node_modules/cors-anywhere/lib/cors-anywhere.js
index 6180449f..e709c60f 100644
--- a/server/node_modules/cors-anywhere/lib/cors-anywhere.js
+++ b/server/node_modules/cors-anywhere/lib/cors-anywhere.js
@@ -226,7 +226,7 @@ var getHandler = exports.getHandler = function(options, proxy) {
   };
 
   return function(req, res) {
-    if(req.headers.referer && req.headers.referer.substring(0,15) !== "http://zoff.no")
+    if(req.headers.referer && req.headers.referer.substring(0,14) !== "http://zoff.no")
     {
       res.writeHead(401, "You're accessing the cors-anywhere from wrong domain, only http://zoff.no is allowed");
       res.end();