diff --git a/server.js b/server.js
index 57694f6..4b56e1c 100644
--- a/server.js
+++ b/server.js
@@ -9,8 +9,25 @@ import OpenAI from "openai";
 const { Pool } = pg;
 const app = express();
 
-app.use(cors());
-// Ampliamos el límite a 10MB para permitir la subida de logotipos en Base64
+// Configuración de CORS Profesional
+const corsOptions = {
+  origin: [
+    'https://web.integrarepara.es', 
+    'https://portal.integrarepara.es',
+    'http://localhost:3000', 
+    'http://127.0.0.1:3000'
+  ],
+  methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
+  allowedHeaders: ['Content-Type', 'Authorization'],
+  credentials: true,
+  optionsSuccessStatus: 200
+};
+
+app.use(cors(corsOptions));
+// Habilitar pre-flight para todas las rutas
+app.options('*', cors(corsOptions));
+
+// Límites de subida para logotipos en Base64
 app.use(express.json({ limit: '10mb' }));
 app.use(express.urlencoded({ limit: '10mb', extended: true }));