diff --git a/proxy_image/default_location b/proxy_image/default_location
index 290d0764b2b8dd33bdb31e5fd57b2b1e72c0d2dc..ee62b8d3beb8b86a8ea2c9dbd4a5f73ebaccae15 100644
--- a/proxy_image/default_location
+++ b/proxy_image/default_location
@@ -1,3 +1,13 @@
+if ($http_origin ~* (.*\.kfa-juelich.de|.*\.fz-juelich.de|.*\.eflows4hpc.eu)) {
+    add_header 'Access-Control-Allow-Origin' "$http_origin";
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, DELETE, PUT';
+    add_header 'Access-Control-Allow-Credentials' 'true';
+    add_header 'Access-Control-Allow-Headers' 'User-Agent,Keep-Alive,Content-Type';
+}
+if ($request_method = OPTIONS) {
+    return 204;
+}
+
 location ~ \.(html|css|js|ico|jpg|jpeg|png|webp)$ {
     if ($request_method = OPTIONS) {
         return 204;