diff --git a/config/conf/__init__.py b/config/conf/__init__.py
index 27fe4f1..44c072c 100644
--- a/config/conf/__init__.py
+++ b/config/conf/__init__.py
@@ -2,4 +2,5 @@ from .jazzmin import *
 from .drf_yasg import *
 from .redis import *
 from .rest_framework import *
-from .rest_framework_simplejwt import *
\ No newline at end of file
+from .rest_framework_simplejwt import *
+from .cors_headers import *
\ No newline at end of file
diff --git a/config/conf/cors_headers.py b/config/conf/cors_headers.py
new file mode 100644
index 0000000..61f39c0
--- /dev/null
+++ b/config/conf/cors_headers.py
@@ -0,0 +1,8 @@
+CORS_ALLOWED_ORIGINS = [
+    "http://localhost:8081",
+    "http://127.0.0.1:8081",
+]
+
+CSRF_TRUSTED_ORIGINS = [
+    "https://uyqur.felixits.uz",
+]
diff --git a/config/settings/base.py b/config/settings/base.py
index 26b3ffb..8d43cdb 100644
--- a/config/settings/base.py
+++ b/config/settings/base.py
@@ -33,6 +33,7 @@ PACKAGES = [
     'drf_yasg',
     'rest_framework',
     'rest_framework_simplejwt',
+    'corsheaders',
 ]
 
 DJANGO_APPS = [
@@ -54,6 +55,7 @@ INSTALLED_APPS += APPS
 MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
+    'corsheaders.middleware.CorsMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
diff --git a/requirements.txt b/requirements.txt
index 0676245..65f8649 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,6 +8,7 @@ click-plugins==1.1.1.2
 click-repl==0.3.0
 Django==5.2.4
 django-cacheops==7.2
+django-cors-headers==4.7.0
 django-environ==0.12.0
 django-jazzmin==3.0.1
 django-redis==6.0.0