diff --git a/b0esche_cloud/lib/widgets/file_viewer_dispatch.dart b/b0esche_cloud/lib/widgets/file_viewer_dispatch.dart
index 74e41ca..ebd929b 100644
--- a/b0esche_cloud/lib/widgets/file_viewer_dispatch.dart
+++ b/b0esche_cloud/lib/widgets/file_viewer_dispatch.dart
@@ -140,10 +140,17 @@ class FileViewerDispatch {
         );
       }
 
-      return Container(
-        color: AppTheme.primaryBackground,
-        child: InteractiveViewer(minScale: 0.5, maxScale: 4.0, child: child),
-      );
+      Widget viewerChild = child;
+      if (!(kIsWeb && token == null)) {
+        // Use InteractiveViewer for mobile or authenticated web
+        viewerChild = InteractiveViewer(
+          minScale: 0.5,
+          maxScale: 4.0,
+          child: child,
+        );
+      }
+
+      return Container(color: AppTheme.primaryBackground, child: viewerChild);
     } else {
       return Container(
         color: AppTheme.primaryBackground,
diff --git a/go_cloud/bin/api b/go_cloud/bin/api
index 40e3fd9..4ab4098 100755
Binary files a/go_cloud/bin/api and b/go_cloud/bin/api differ
diff --git a/go_cloud/internal/http/routes.go b/go_cloud/internal/http/routes.go
index 8b831f9..50ae0d9 100644
--- a/go_cloud/internal/http/routes.go
+++ b/go_cloud/internal/http/routes.go
@@ -2417,7 +2417,9 @@ func downloadOrgFileHandler(w http.ResponseWriter, r *http.Request, db *database
 	// which supports all common video/audio/image formats
 	contentType := getMimeType(fileName)
 
-	w.Header().Set("Access-Control-Allow-Origin", "*")
+	w.Header().Set("Access-Control-Allow-Origin", "https://www.b0esche.cloud")
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+	w.Header().Set("Access-Control-Allow-Headers", "Authorization, Range")
 	w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName))
 	w.Header().Set("Content-Type", contentType)
 	w.Header().Set("Accept-Ranges", "bytes")
@@ -2565,7 +2567,9 @@ func downloadUserFileHandler(w http.ResponseWriter, r *http.Request, db *databas
 	// which supports all common video/audio/image formats
 	contentType := getMimeType(fileName)
 
-	w.Header().Set("Access-Control-Allow-Origin", "*")
+	w.Header().Set("Access-Control-Allow-Origin", "https://www.b0esche.cloud")
+	w.Header().Set("Access-Control-Allow-Credentials", "true")
+	w.Header().Set("Access-Control-Allow-Headers", "Authorization, Range")
 	w.Header().Set("Content-Disposition", fmt.Sprintf("inline; filename=\"%s\"", fileName))
 	w.Header().Set("Content-Type", contentType)
 	w.Header().Set("Accept-Ranges", "bytes")