diff --git a/config/express.js b/config/express.js
index 1d6fb62..d61bf61 100644
--- a/config/express.js
+++ b/config/express.js
@@ -36,14 +36,6 @@ module.exports = function(app, historicSync, peerSync) {
   app.use(express.methodOverride());
   app.use(express.compress());
 
-  app.use(function(req, res, next) {
-    console.log('asdasdasdasd');
-    res.setHeader('Access-Control-Allow-Origin', '*');
-    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
-    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
-    next();
-  });
-
   if (config.publicPath) {
     var staticPath = path.normalize(config.rootPath + '/../' + config.publicPath);
 
diff --git a/config/headers.js b/config/headers.js
new file mode 100644
index 0000000..9614cef
--- /dev/null
+++ b/config/headers.js
@@ -0,0 +1,13 @@
+'use strict';
+
+var logger = require('../lib/logger').logger;
+
+module.exports = function(app) {
+
+  app.use(function(req, res, next) {
+    res.setHeader('Access-Control-Allow-Origin', '*');
+    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
+    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
+    next();
+  });
+};
diff --git a/insight.js b/insight.js
index 4806581..d9ee63f 100755
--- a/insight.js
+++ b/insight.js
@@ -62,6 +62,8 @@ program.parse(process.argv);
 // create express app
 var expressApp = express();
 
+// setup headers
+require('./config/headers')(expressApp);
 
 // setup http/https base server
 var server;