diff --git a/example/src/main/java/org/openmbee/mms/example/config/ExampleSecurityConfig.java b/example/src/main/java/org/openmbee/mms/example/config/ExampleSecurityConfig.java
index ac7f771a1..d7ccd3397 100644
--- a/example/src/main/java/org/openmbee/mms/example/config/ExampleSecurityConfig.java
+++ b/example/src/main/java/org/openmbee/mms/example/config/ExampleSecurityConfig.java
@@ -2,6 +2,7 @@
 
 import org.openmbee.mms.authenticator.config.AuthSecurityConfig;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.MediaType;
@@ -31,6 +32,9 @@
 @EnableAsync
 public class ExampleSecurityConfig extends WebSecurityConfigurerAdapter implements WebMvcConfigurer {
 
+    @Value("${cors.allowed.origins:*}")
+    private String allowedOrigins;
+
     @Autowired
     AuthSecurityConfig authSecurityConfig;
 
@@ -57,7 +61,7 @@ public AuthenticationManager authenticationManagerBean() throws Exception {
 
     @Override
     public void addCorsMappings(CorsRegistry registry) {
-        registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE");
+        registry.addMapping("/**").allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS");
     }
 
     private CorsFilter corsFilter() {
@@ -70,7 +74,9 @@ private CorsFilter corsFilter() {
 
         CorsConfiguration config = new CorsConfiguration();
         config.setAllowCredentials(true);
-        config.addAllowedOrigin("*");
+        for(String origin: allowedOrigins.split(",")) {
+            config.addAllowedOrigin(origin);
+        }
         config.addAllowedHeader(ORIGIN);
         config.addAllowedHeader(CONTENT_TYPE);
         config.addAllowedHeader(ACCEPT);
diff --git a/example/src/main/resources/application-test.properties b/example/src/main/resources/application-test.properties
index 2a9b572e1..f36a8f0c7 100644
--- a/example/src/main/resources/application-test.properties
+++ b/example/src/main/resources/application-test.properties
@@ -4,6 +4,8 @@ mms.admin.password=test
 
 mms.stream.batch.size=100000
 
+cors.allowed.origins=*
+
 jwt.secret=12345678901234567890123456789012
 jwt.expiration=86400
 jwt.header=Authorization
diff --git a/example/src/main/resources/application.properties.example b/example/src/main/resources/application.properties.example
index 339250a5f..8f49b45a1 100644
--- a/example/src/main/resources/application.properties.example
+++ b/example/src/main/resources/application.properties.example
@@ -4,6 +4,9 @@ mms.admin.password=test
 
 mms.stream.batch.size=100000
 
+#Comma Separated list of allowed cross site origins
+cors.allowed.origins=*
+
 jwt.secret=make_me_something_really_long
 jwt.expiration=86400
 jwt.header=Authorization
diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
index 7454180f2..41d9927a4 100644
Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ