diff --git a/lbrynet/conf.py b/lbrynet/conf.py
index 738a524b6..4186e8c3b 100644
--- a/lbrynet/conf.py
+++ b/lbrynet/conf.py
@@ -162,6 +162,12 @@ ENVIRONMENT = Env(
     lbryum_wallet_dir=(str, default_lbryum_dir),
     use_auth_http=(bool, False),
     sd_download_timeout=(int, 3),
+    # By default, daemon will block all cross origin requests
+    # but if this is set, this value will be used for the
+    # Access-Control-Allow-Origin. For example
+    # set to '*' to allow all requests, or set to 'http://localhost:8080'
+    # if you're running a test UI on that port
+    allowed_origin=(str, ''),
     # TODO: this field is more complicated than it needs to be because
     # it goes through a Fee validator when loaded by the exchange rate
     # manager.  Look into refactoring the exchange rate conversion to
diff --git a/lbrynet/lbrynet_daemon/auth/server.py b/lbrynet/lbrynet_daemon/auth/server.py
index 75b5f7712..10db9fea8 100644
--- a/lbrynet/lbrynet_daemon/auth/server.py
+++ b/lbrynet/lbrynet_daemon/auth/server.py
@@ -209,7 +209,8 @@ class AuthJSONRPCServer(AuthorizedBase):
         log.debug(err.getTraceback())
 
     def _set_headers(self, request, data, update_secret=False):
-        request.setHeader("Access-Control-Allow-Origin", settings.API_INTERFACE)
+        if settings.allowed_origin:
+            request.setHeader("Access-Control-Allow-Origin", settings.allowed_origin)
         request.setHeader("Content-Type", "text/json")
         request.setHeader("Content-Length", str(len(data)))
         if update_secret: