diff --git a/backend/src/index.ts b/backend/src/index.ts
index b64ea83..f8f4152 100644
--- a/backend/src/index.ts
+++ b/backend/src/index.ts
@@ -46,15 +46,16 @@ fastify.register(cors, {
   origin: (origin, cb) => {
     // Allow requests with no origin (like mobile apps or curl)
     if (!origin) {
-      cb(null, true);
-      return;
+      return cb(null, true);
     }
 
     // Check if origin is in allowed list
-    if (allowedOrigins.some(allowed => origin === allowed || origin.endsWith(allowed))) {
-      cb(null, true);
+    const isAllowed = allowedOrigins.includes(origin);
+
+    if (isAllowed) {
+      return cb(null, true);
     } else {
-      cb(new Error('Not allowed by CORS'), false);
+      return cb(null, false);
     }
   },
   credentials: true,