diff --git a/server/plugins/example/main.go b/server/plugins/example/main.go
index 19dcbe16..5171367b 100644
--- a/server/plugins/example/main.go
+++ b/server/plugins/example/main.go
@@ -186,6 +186,8 @@ func AuthWithHttp(ctx *gin.Context, req *common.HttpKnockRequest, helper *plugin
 		return
 	}
 
+	corsMiddleware(ctx)
+
 	switch {
 	case strings.EqualFold(action, "valid"):
 		ackMsg, err = authRegular(ctx, req, res, helper)
@@ -316,6 +318,17 @@ func AuthWithNHP(req *common.NhpAuthRequest, helper *plugins.NhpServerPluginHelp
 	return ackMsg, err
 }
 
+func corsMiddleware(ctx *gin.Context) {
+	originResource := ctx.Request.Header.Get("Origin")
+
+	if (originResource != "") {
+		// HTTP headers for CORS
+		ctx.Writer.Header().Set("Access-Control-Allow-Origin", originResource) // allow cross-origin resource sharing
+	}
+
+	ctx.Next()
+}
+
 func main() {
 
 }
diff --git a/server/plugins/example/templates/example_login.html b/server/plugins/example/templates/example_login.html
index 68511541..af9d5a75 100644
--- a/server/plugins/example/templates/example_login.html
+++ b/server/plugins/example/templates/example_login.html
@@ -289,7 +289,9 @@ <h2 id="authSuccessMessage"></h2>
             "&password=" + encodeURIComponent(password);
             console.log(nhpValidUrl);
 
-            fetch(nhpValidUrl)
+            fetch(nhpValidUrl,{
+                credentials: "include"
+            })
             .then(response => response.json())
             .then(result => {
                 console.log(result);