diff --git a/www-api/app/Controllers/WrenchTransactions.php b/www-api/app/Controllers/WrenchTransactions.php
index 1eecd7e4..3d252f3d 100644
--- a/www-api/app/Controllers/WrenchTransactions.php
+++ b/www-api/app/Controllers/WrenchTransactions.php
@@ -9,16 +9,16 @@ class WrenchTransactions extends BaseController
     use ResponseTrait;
     public function apigate(){
         log_message('critical', "WrenchTransactions-Gate");
-        header('Access-Control-Allow-Origin: *');
+//        header('Access-Control-Allow-Origin: *');
         log_message('critical', "0002");
         $call_backend =  true;
 
-        header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token");
-        log_message('critical', "0003");
-        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS");
-        header("Access-Control-Allow-Credentials: true");
-        header("Access-Control-Max-Age: 3600");
-        header('content-type: application/json; charset=utf-8');
+//        header("Access-Control-Allow-Headers: Origin, X-API-KEY, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Access-Control-Allow-Headers, Authorization, observe, enctype, Content-Length, X-Csrf-Token");
+//        log_message('critical', "0003");
+//        header("Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS");
+//        header("Access-Control-Allow-Credentials: true");
+//        header("Access-Control-Max-Age: 3600");
+//        header('content-type: application/json; charset=utf-8');
         $method = $_SERVER['REQUEST_METHOD'];
         if ($method == "OPTIONS") {
             header("HTTP/1.1 200 OK CORS");