diff --git a/repo/config/init.go b/repo/config/init.go
index f8f4a4890ea..35ccda36b55 100644
--- a/repo/config/init.go
+++ b/repo/config/init.go
@@ -62,6 +62,11 @@ func Init(out io.Writer, nBitsForKeypair int) (*Config, error) {
 			RootRedirect: "",
 			Writable:     false,
 			PathPrefixes: []string{},
+			HTTPHeaders: map[string][]string{
+				"Access-Control-Allow-Origin":  []string{"*"},
+				"Access-Control-Allow-Methods": []string{"GET"},
+				"Access-Control-Allow-Headers": []string{"X-Requested-With"},
+			},
 		},
 	}
 
diff --git a/test/sharness/t0112-gateway-cors.sh b/test/sharness/t0112-gateway-cors.sh
index 1cc9371c49b..dbb51021ae8 100755
--- a/test/sharness/t0112-gateway-cors.sh
+++ b/test/sharness/t0112-gateway-cors.sh
@@ -7,10 +7,6 @@
 test_description="Test HTTP Gateway CORS Support"
 
 test_config_ipfs_cors_headers() {
-    ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Origin '["*"]'
-    ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'
-    ipfs config --json Gateway.HTTPHeaders.Access-Control-Allow-Headers '["X-Requested-With"]'
-
     ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["*"]'
     ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'
     ipfs config --json API.HTTPHeaders.Access-Control-Allow-Headers '["X-Requested-With"]'