diff --git a/requirements.txt b/requirements.txt
index 4866ead7..97d7e3d3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -33,3 +33,4 @@ black==22.8.0
 isort==5.10.1
 flake8==5.0.4
 pyflakes==2.5.0
+django-cors-headers==3.13.0
diff --git a/robosats/settings.py b/robosats/settings.py
index 443afe41..9ef23ca3 100644
--- a/robosats/settings.py
+++ b/robosats/settings.py
@@ -2,6 +2,7 @@
 Django settings for robosats project.
 
 Generated by 'django-admin startproject' using Django 4.0.
+WATCH OUT RoboSats backend was later downgraded to Django 3.2 (compatibility with existing plugins!)
 
 For more information on this file, see
 https://docs.djangoproject.com/en/4.0/topics/settings/
@@ -50,6 +51,8 @@ ALLOWED_HOSTS = [
     "127.0.0.1",
 ]
 
+CORS_ALLOW_ALL_ORIGINS = True
+
 # Allows Session Cookie to be read by Javascript on Client side.
 SESSION_COOKIE_HTTPONLY = False
 
@@ -84,6 +87,7 @@ INSTALLED_APPS = [
     "django.contrib.sessions",
     "django.contrib.messages",
     "django.contrib.staticfiles",
+    "corsheaders",
     "rest_framework",
     "channels",
     "django_celery_beat",
@@ -143,6 +147,8 @@ MIDDLEWARE = [
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "corsheaders.middleware.CorsMiddleware",
+    "django.middleware.common.CommonMiddleware",
 ]
 
 ROOT_URLCONF = "robosats.urls"