diff --git a/src/invidious.cr b/src/invidious.cr
index 3c251d96..d8c7301e 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -128,6 +128,15 @@ if CONFIG.geo_bypass
 end
 before_all do |env|
+  if CONFIG.domains && env.request.headers["Origin"]?
+    origin = env.request.headers["Origin"]
+    domains = CONFIG.domains.not_nil!
+
+    if !domains.includes? origin
+      halt env, status_code: 403
+    end
+  end
+
   env.response.headers["X-XSS-Protection"] = "1; mode=block;"
   env.response.headers["X-Content-Type-Options"] = "nosniff"
diff --git a/src/invidious/helpers/helpers.cr b/src/invidious/helpers/helpers.cr
index 92a2e1b1..98357440 100644
--- a/src/invidious/helpers/helpers.cr
+++ b/src/invidious/helpers/helpers.cr
@@ -16,6 +16,7 @@ class Config
   hmac_key: String?,
   full_refresh: Bool,
   geo_bypass: Bool,
+  domains: Array(String)?,
 })
 end
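Review bot: The new check in `before_all` compares the raw `Origin` header (which browsers send as `scheme://host[:port]`) against `CONFIG.domains` with an exact `includes?`, so a list of bare hostnames — which the key name suggests — never matches and every browser request that carries an Origin (cross-origin fetches, and same-origin POSTs too) is answered with 403; an empty `domains: []` is truthy in Crystal and blocks all of them as well. Either document that entries must be full origins or normalise both sides before comparing (presumably via `URI.parse(origin).host`, with a guard for the literal `null` origin — confirm `uri` is required in this file). Since a non-browser client can omit or forge Origin, this is a CSRF mitigation for browsers only and should carry a comment saying so, e.g. `# Origin allow-list: CSRF mitigation only, not access control`; applying it to GET as well rejects harmless cross-site embeds. The two header lookups and the `not_nil!` can be folded into one binding: `if (origin = env.request.headers["Origin"]?) && (domains = CONFIG.domains)`. The `before_all` block continues past the end of the hunk.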
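Review bot: The new `domains` field is undocumented and the diff does not update any example config, so an operator cannot tell what shape the values must take or what enabling it does. Add a comment above it such as `# Optional allow-list of Origin request header values (full origins, e.g. "https://example.com"); when set, requests with a different Origin are rejected with 403` — the matching behaviour lives in `src/invidious.cr`. The `Config` YAML mapping starts and ends outside the hunk.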