diff --git a/swift/proxy/controllers/base.py b/swift/proxy/controllers/base.py
index 40a636e12b..4a4d13ffa5 100644
--- a/swift/proxy/controllers/base.py
+++ b/swift/proxy/controllers/base.py
@@ -165,9 +165,6 @@ def cors_validation(func):
                 controller.container_info(controller.account_name,
                                           controller.container_name)
             cors_info = container_info.get('cors', {})
-            if not controller.is_origin_allowed(cors_info, req_origin):
-                # invalid CORS request
-                return Response(status=HTTP_UNAUTHORIZED)
 
             # Call through to the decorated method
             resp = func(*a, **kw)
diff --git a/test/unit/proxy/test_server.py b/test/unit/proxy/test_server.py
index 1ee6415425..d510d30a9d 100644
--- a/test/unit/proxy/test_server.py
+++ b/test/unit/proxy/test_server.py
@@ -4086,30 +4086,6 @@ class TestObjectController(unittest.TestCase):
                 'x-auth-token, x-foo',
                 sortHeaderNames(resp.headers['access-control-allow-headers']))
 
-    def test_CORS_invalid_origin(self):
-        with save_globals():
-            controller = proxy_server.ObjectController(self.app, 'a', 'c', 'o')
-
-            def stubContainerInfo(*args):
-                return {
-                    'cors': {
-                        'allow_origin': 'http://baz'
-                    }
-                }
-            controller.container_info = stubContainerInfo
-
-            def objectGET(controller, req):
-                return Response()
-
-            req = Request.blank(
-                '/a/c/o.jpg',
-                {'REQUEST_METHOD': 'GET'},
-                headers={'Origin': 'http://foo.bar'})
-
-            resp = cors_validation(objectGET)(controller, req)
-
-            self.assertEquals(401, resp.status_int)
-
     def test_CORS_valid(self):
         with save_globals():
             controller = proxy_server.ObjectController(self.app, 'a', 'c', 'o')
@@ -4939,30 +4915,6 @@ class TestContainerController(unittest.TestCase):
                 'x-auth-token, x-foo',
                 sortHeaderNames(resp.headers['access-control-allow-headers']))
 
-    def test_CORS_invalid_origin(self):
-        with save_globals():
-            controller = proxy_server.ContainerController(self.app, 'a', 'c')
-
-            def stubContainerInfo(*args):
-                return {
-                    'cors': {
-                        'allow_origin': 'http://baz'
-                    }
-                }
-            controller.container_info = stubContainerInfo
-
-            def containerGET(controller, req):
-                return Response()
-
-            req = Request.blank(
-                '/a/c/o.jpg',
-                {'REQUEST_METHOD': 'GET'},
-                headers={'Origin': 'http://foo.bar'})
-
-            resp = cors_validation(containerGET)(controller, req)
-
-            self.assertEquals(401, resp.status_int)
-
     def test_CORS_valid(self):
         with save_globals():
             controller = proxy_server.ContainerController(self.app, 'a', 'c')