diff --git a/lib/middleware.js b/lib/middleware.js
index c735df92..3099ba43 100644
--- a/lib/middleware.js
+++ b/lib/middleware.js
@@ -51,7 +51,7 @@ var middleware = module.exports = {
       var origin = req.header('Origin');
 
       // TODO should this check if the request is via the API?
-      if (req.method === 'OPTIONS' || (req.method === 'GET' && utils.isAjax(req)) || (req.method === 'GET' && req.headers.origin)) {
+      if (req.method === 'OPTIONS' || (req.method === 'GET' && req.headers.origin)) {
         res.header({
           'Access-Control-Allow-Origin':  origin,
           'Access-Control-Allow-Headers': headers,
diff --git a/lib/utils.js b/lib/utils.js
index 99fb1b55..c571287f 100644
--- a/lib/utils.js
+++ b/lib/utils.js
@@ -133,7 +133,7 @@ module.exports = {
     return collected;
   },
   isAjax: function (req) {
-    return (req.get('X-Requested-With') || '').toLowerCase() === 'xmlhttprequest';
+    return (req.get('X-Requested-With') || '').toLowerCase() === 'xmlhttprequest' || req.accepted[0].value === 'application/json';
   },
   shortcode: function (length) {
     var vowels = 'aeiou',