diff --git a/pages/api/account/index.js b/pages/api/account/index.js
index 101d3e7f..5afd8212 100644
--- a/pages/api/account/index.js
+++ b/pages/api/account/index.js
@@ -34,7 +34,7 @@ export default async (req, res) => {
             return badRequest(res, 'Account already exists');
           }
         }
-        console.log('------------------\n', data);
+
         const updated = await updateAccount(user_id, data);
 
         return ok(res, updated);
diff --git a/pages/api/website/[id]/active.js b/pages/api/website/[id]/active.js
index 280bc06e..ad7f8991 100644
--- a/pages/api/website/[id]/active.js
+++ b/pages/api/website/[id]/active.js
@@ -1,9 +1,12 @@
 import { getActiveVisitors } from 'lib/queries';
 import { methodNotAllowed, ok, unauthorized } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 export default async (req, res) => {
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }
diff --git a/pages/api/website/[id]/events.js b/pages/api/website/[id]/events.js
index 7f348ee1..974e79f3 100644
--- a/pages/api/website/[id]/events.js
+++ b/pages/api/website/[id]/events.js
@@ -2,11 +2,14 @@ import moment from 'moment-timezone';
 import { getEventMetrics } from 'lib/queries';
 import { ok, badRequest, methodNotAllowed, unauthorized } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 const unitTypes = ['year', 'month', 'hour', 'day'];
 
 export default async (req, res) => {
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }
diff --git a/pages/api/website/[id]/index.js b/pages/api/website/[id]/index.js
index 74ce0f33..7018a01d 100644
--- a/pages/api/website/[id]/index.js
+++ b/pages/api/website/[id]/index.js
@@ -1,6 +1,7 @@
 import { deleteWebsite, getWebsiteById } from 'lib/queries';
 import { methodNotAllowed, ok, unauthorized } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 export default async (req, res) => {
   const { id } = req.query;
@@ -8,6 +9,8 @@ export default async (req, res) => {
   const websiteId = +id;
 
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }
diff --git a/pages/api/website/[id]/metrics.js b/pages/api/website/[id]/metrics.js
index 675427db..7e74f044 100644
--- a/pages/api/website/[id]/metrics.js
+++ b/pages/api/website/[id]/metrics.js
@@ -1,6 +1,7 @@
 import { getPageviewMetrics, getSessionMetrics, getWebsiteById } from 'lib/queries';
 import { ok, methodNotAllowed, unauthorized, badRequest } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 const sessionColumns = ['browser', 'os', 'device', 'country', 'language'];
 const pageviewColumns = ['url', 'referrer'];
@@ -26,6 +27,8 @@ function getColumn(type) {
 
 export default async (req, res) => {
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }
diff --git a/pages/api/website/[id]/pageviews.js b/pages/api/website/[id]/pageviews.js
index e2069f8c..41ea06eb 100644
--- a/pages/api/website/[id]/pageviews.js
+++ b/pages/api/website/[id]/pageviews.js
@@ -2,11 +2,14 @@ import moment from 'moment-timezone';
 import { getPageviewStats } from 'lib/queries';
 import { ok, badRequest, methodNotAllowed, unauthorized } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 const unitTypes = ['year', 'month', 'hour', 'day'];
 
 export default async (req, res) => {
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }
diff --git a/pages/api/website/[id]/stats.js b/pages/api/website/[id]/stats.js
index cdb374e2..7b1c5cf0 100644
--- a/pages/api/website/[id]/stats.js
+++ b/pages/api/website/[id]/stats.js
@@ -1,9 +1,12 @@
 import { getWebsiteStats } from 'lib/queries';
 import { methodNotAllowed, ok, unauthorized } from 'lib/response';
 import { allowQuery } from 'lib/auth';
+import { useCors } from 'lib/middleware';
 
 export default async (req, res) => {
   if (req.method === 'GET') {
+    await useCors(req, res);
+
     if (!(await allowQuery(req))) {
       return unauthorized(res);
     }