diff --git a/src/App/Page.php b/src/App/Page.php
index 57468f8e5e..9e59ab9ae7 100644
--- a/src/App/Page.php
+++ b/src/App/Page.php
@@ -32,6 +32,7 @@ use Friendica\Core\Hook;
 use Friendica\Core\L10n;
 use Friendica\Core\Renderer;
 use Friendica\Core\Theme;
+use Friendica\DI;
 use Friendica\Network\HTTPException;
 use Friendica\Util\Network;
 use Friendica\Util\Strings;
@@ -378,7 +379,7 @@ class Page implements ArrayAccess
 	 */
 	public function exit(ResponseInterface $response)
 	{
-		header(sprintf("HTTP/%s %i %s",
+		header(sprintf("HTTP/%s %s %s",
 			$response->getProtocolVersion(),
 			$response->getStatusCode(),
 			$response->getReasonPhrase())
diff --git a/src/BaseModule.php b/src/BaseModule.php
index 4fbf39cf71..ae3b721409 100644
--- a/src/BaseModule.php
+++ b/src/BaseModule.php
@@ -191,23 +191,23 @@ abstract class BaseModule implements ICanHandleRequests
 	public function run(array $request = []): ResponseInterface
 	{
 		// @see https://github.com/tootsuite/mastodon/blob/c3aef491d66aec743a3a53e934a494f653745b61/config/initializers/cors.rb
-		if (substr($request['pagename'] ?? '', 0, 12) == '.well-known/') {
+		if (substr($this->args->getQueryString(), 0, 12) == '.well-known/') {
 			$this->response->setHeader('*', 'Access-Control-Allow-Origin');
 			$this->response->setHeader('*', 'Access-Control-Allow-Headers');
 			$this->response->setHeader(Router::GET, 'Access-Control-Allow-Methods');
 			$this->response->setHeader('false', 'Access-Control-Allow-Credentials');
-		} elseif (substr($request['pagename'] ?? '', 0, 8) == 'profile/') {
+		} elseif (substr($this->args->getQueryString(), 0, 8) == 'profile/') {
 			$this->response->setHeader('*', 'Access-Control-Allow-Origin');
 			$this->response->setHeader('*', 'Access-Control-Allow-Headers');
 			$this->response->setHeader(Router::GET, 'Access-Control-Allow-Methods');
 			$this->response->setHeader('false', 'Access-Control-Allow-Credentials');
-		} elseif (substr($request['pagename'] ?? '', 0, 4) == 'api/') {
+		} elseif (substr($this->args->getQueryString(), 0, 4) == 'api/') {
 			$this->response->setHeader('*', 'Access-Control-Allow-Origin');
 			$this->response->setHeader('*', 'Access-Control-Allow-Headers');
 			$this->response->setHeader(implode(',', Router::ALLOWED_METHODS), 'Access-Control-Allow-Methods');
 			$this->response->setHeader('false', 'Access-Control-Allow-Credentials');
 			$this->response->setHeader('Link', 'Access-Control-Expose-Headers');
-		} elseif (substr($request['pagename'] ?? '', 0, 11) == 'oauth/token') {
+		} elseif (substr($this->args->getQueryString(), 0, 11) == 'oauth/token') {
 			$this->response->setHeader('*', 'Access-Control-Allow-Origin');
 			$this->response->setHeader('*', 'Access-Control-Allow-Headers');
 			$this->response->setHeader(Router::POST, 'Access-Control-Allow-Methods');
diff --git a/src/Module/Response.php b/src/Module/Response.php
index e4bfde7a3c..db30a10d8c 100644
--- a/src/Module/Response.php
+++ b/src/Module/Response.php
@@ -140,6 +140,6 @@ class Response implements ICanCreateResponses
 		// Setting the response type as an X-header for direct usage
 		$this->headers[static::X_HEADER] = $this->type;
 
-		return new \GuzzleHttp\Psr7\Response($this->status, $this->headers, $this->content, $this->reason);
+		return new \GuzzleHttp\Psr7\Response($this->status, $this->headers, $this->content, '1.1', $this->reason);
 	}
 }
diff --git a/tests/src/Module/Special/OptionsTest.php b/tests/src/Module/Special/OptionsTest.php
index 3f7024f2db..ea5982e655 100644
--- a/tests/src/Module/Special/OptionsTest.php
+++ b/tests/src/Module/Special/OptionsTest.php
@@ -2,6 +2,8 @@
 
 namespace Friendica\Test\src\Module\Special;
 
+use Friendica\App\Arguments;
+use Friendica\App\Page;
 use Friendica\App\Router;
 use Friendica\Capabilities\ICanCreateResponses;
 use Friendica\DI;