diff --git a/server/app/__init__.py b/server/app/__init__.py
index c159c56..109d167 100644
--- a/server/app/__init__.py
+++ b/server/app/__init__.py
@@ -1,5 +1,4 @@
 from flask import Flask
-from flask_cors import CORS
 from flask_mail import Mail
 from werkzeug.middleware.proxy_fix import ProxyFix
 
@@ -20,12 +19,4 @@ def create_app(cfg=config):
 
     app.register_blueprint(bp_api)
 
-    CORS(
-        app,
-        resources={r'/api/*': {
-            'methods': ['POST', 'OPTIONS'],
-            'allow_origins': app.config['CORS_ALLOWED_ORIGINS'].split(','),
-            'allow_headers': app.config['CORS_ALLOWED_HEADERS'].split(','),
-        }})
-
     return app
diff --git a/server/app/api/routes.py b/server/app/api/routes.py
index 76a5ccb..3b264e7 100644
--- a/server/app/api/routes.py
+++ b/server/app/api/routes.py
@@ -8,6 +8,13 @@ from app.api import bp
 from app import mail
 
 
+@bp.after_request
+def after(response):
+    response.headers["Access-Control-Allow-Origin"] = "*"
+    response.headers["Access-Control-Allow-Headers"] = "*"
+    return response
+
+
 @bp.route("/rfq", methods=["POST"])
 def send_rfq():
     payload = request.json
diff --git a/server/config.py b/server/config.py
index 4af58e5..db7a238 100644
--- a/server/config.py
+++ b/server/config.py
@@ -16,6 +16,3 @@ MAIL_USERNAME = getenv("FLASK_MAIL_USERNAME")
 MAIL_PASSWORD = getenv("FLASK_MAIL_PASSWORD")
 
 MAIL_RECIPIENT = getenv("FLASK_MAIL_RECIPIENT")
-
-CORS_ALLOWED_ORIGINS = getenv("FLASK_CORS_ORIGINS")
-CORS_ALLOWED_HEADERS = getenv("FLASK_CORS_ALLOW_HEADERS")
diff --git a/server/requirements.txt b/server/requirements.txt
index d124800..0a4de31 100644
--- a/server/requirements.txt
+++ b/server/requirements.txt
@@ -1,7 +1,6 @@
 blinker==1.4
 click==7.1.1
 Flask==1.1.2
-Flask-Cors==3.0.7
 Flask-Mail==0.9.1
 itsdangerous==1.1.0
 Jinja2==2.11.1