diff --git a/pom.xml b/pom.xml
index 599c97c..922207e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -10,7 +10,7 @@
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<java.version>11</java.version>
-		<revision>0.5.0-SNAPSHOT</revision>
+		<revision>1.0.0</revision>
 	</properties>
 
 	<parent>
diff --git a/src/main/java/de/bstly/board/security/SecurityConfig.java b/src/main/java/de/bstly/board/security/SecurityConfig.java
index a8b1fe0..cd9edd4 100755
--- a/src/main/java/de/bstly/board/security/SecurityConfig.java
+++ b/src/main/java/de/bstly/board/security/SecurityConfig.java
@@ -3,6 +3,8 @@
  */
 package de.bstly.board.security;
 
+import java.util.Collections;
+
 import javax.sql.DataSource;
 
 import org.springframework.beans.factory.annotation.Autowired;
@@ -22,10 +24,14 @@ import org.springframework.security.web.authentication.rememberme.JdbcTokenRepos
 import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
 import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import com.google.common.collect.Lists;
 
 import de.bstly.board.businesslogic.UserManager;
 
-
 /**
  * The Class SecurityConfig.
  */
@@ -33,29 +39,21 @@ import de.bstly.board.businesslogic.UserManager;
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
-	
 	@Autowired
 	private UserManager localUserManager;
-	
-	
 	@Autowired
 	private OAuth2AuthenticationSuccessHandler oAuth2AuthenticationSuccessHandler;
-	
-	
 	@Autowired
 	private DataSource dataSource;
-	
-	
 	@Value("${loginUrl:/login}")
 	private String loginUrl;
-	
-	
 	@Value("${loginTargetUrl:/}")
 	private String loginTargetUrl;
 
-
 	/*
-	 * @see org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter#configure(org.springframework.security.config.annotation.web.builders.HttpSecurity)
+	 * @see org.springframework.security.config.annotation.web.configuration.
+	 * WebSecurityConfigurerAdapter#configure(org.springframework.security.config.
+	 * annotation.web.builders.HttpSecurity)
 	 */
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
@@ -66,6 +64,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 		http
 				// crsf
 				.csrf().disable()
+				// cors
+				// .cors().configurationSource(corsConfigurationSource()).and()
 				// anonymous
 				.anonymous().disable()
 				// login
@@ -126,4 +126,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 		return rememberMeServices;
 	}
 
+	@Bean
+	public CorsConfigurationSource corsConfigurationSource() {
+		CorsConfiguration configuration = new CorsConfiguration();
+		configuration.setAllowedOriginPatterns(Lists.newArrayList("localhost", "http://localhost",
+				"http://localhost:4200", "https://board.bstly.lh8.de"));
+		configuration.setAllowedMethods(Collections.singletonList("*"));
+		configuration.setAllowCredentials(true);
+		configuration.setAllowedHeaders(Collections.singletonList("*"));
+		UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+		source.registerCorsConfiguration("/**", configuration);
+		return source;
+	}
 }