diff --git a/EnvelopeGenerator.Web/Controllers/HomeController.cs b/EnvelopeGenerator.Web/Controllers/HomeController.cs
index 1d2c742c..a4cb6a99 100644
--- a/EnvelopeGenerator.Web/Controllers/HomeController.cs
+++ b/EnvelopeGenerator.Web/Controllers/HomeController.cs
@@ -13,6 +13,7 @@ using Microsoft.Extensions.Localization;
 using DigitalData.Core.DTO;
 using EnvelopeGenerator.Application.Resources;
 using EnvelopeGenerator.Application.DTOs;
+using Microsoft.AspNetCore.Localization;
 
 namespace EnvelopeGenerator.Web.Controllers
 {
@@ -214,6 +215,16 @@ namespace EnvelopeGenerator.Web.Controllers
             return Ok(new { EnvelopeUuid = envelopeUuid, ReceiverSignature = receiverSignature });
         }
 
+        [HttpPost("{language}")]
+        public IActionResult PostLanguage([FromQuery] string language)
+        {
+            Response.Cookies.Append(CookieRequestCultureProvider.DefaultCookieName, CookieRequestCultureProvider.MakeCookieValue(new RequestCulture(language)), new CookieOptions()
+            {
+                Expires = DateTimeOffset.UtcNow.AddYears(1)
+            });
+            return Redirect(Request.Headers["Referer"].ToString());
+        }
+
         public IActionResult Error404() => this.ViewError404();
     }
 }
\ No newline at end of file
diff --git a/EnvelopeGenerator.Web/Program.cs b/EnvelopeGenerator.Web/Program.cs
index 0ba100e0..8d6a459e 100644
--- a/EnvelopeGenerator.Web/Program.cs
+++ b/EnvelopeGenerator.Web/Program.cs
@@ -22,6 +22,21 @@ try
 {
     var builder = WebApplication.CreateBuilder(args);
 
+    var allowedOrigins = builder.Configuration.GetSection("AllowedOrigins").Get<string[]>() ??
+        throw new InvalidOperationException("AllowedOrigins section is missing in the configuration.");
+
+    builder.Services.AddCors(options =>
+    {
+        options.AddPolicy("SameOriginPolicy", builder =>
+        {
+            builder.WithOrigins(allowedOrigins)
+                   .SetIsOriginAllowedToAllowWildcardSubdomains()
+                   .AllowCredentials()
+                   .AllowAnyMethod()
+                   .AllowAnyHeader();
+        });
+    });
+
     builder.Logging.ClearProviders();
     builder.Host.UseNLog();
 
@@ -159,7 +174,9 @@ try
     app.UseAuthentication();
     app.UseAuthorization();
 
-    app.UseCookieBasedLocalizer("de_DE", "en_US");   
+    app.UseCookieBasedLocalizer("de_DE", "en_US");
+
+    app.UseCors("SameOriginPolicy");
 
     app.MapControllers();
     app.MapFallbackToController("Error404", "Home");
diff --git a/EnvelopeGenerator.Web/appsettings.json b/EnvelopeGenerator.Web/appsettings.json
index 5dcb02dc..efa23a43 100644
--- a/EnvelopeGenerator.Web/appsettings.json
+++ b/EnvelopeGenerator.Web/appsettings.json
@@ -9,6 +9,7 @@
     }
   },
   "AdminPassword": "dd",
+  "AllowedOrigins": [ "https://localhost:7202" ],
   "NLog": {
     "throwConfigExceptions": true,
     "targets": {