diff --git a/api/public/cors.php b/api/public/cors.php
index 1cd68d2cfb75bdc640253ee03ed8abb038d6aac2..55fd2d0d6d3a1d22039c7bc888cd8138152397b6 100644
--- a/api/public/cors.php
+++ b/api/public/cors.php
@@ -27,7 +27,7 @@ if (isset($_GET['question'])) {
 $is_question = false;
 }
-if (str_pos($scriptname, '..') !== false
+if (strpos($scriptname, '..') !== false
 || strpos($scriptname, '/') !== false
 || strpos($scriptname, '\\') !== false) {
 die("No such script here.");
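Review bot: The guard on `$scriptname` in the corrected `if` is a substring denylist (`..`, `/`, `\`), which is weaker than matching the name against the shape the served scripts actually have. Where `$scriptname` comes from and how it is used lie outside the hunk, but if it is request-derived and ends up in a file path, an allowlist such as `if (preg_match('/\A[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?\z/', $scriptname) !== 1) {` (pattern to be adjusted to the real file names) also rejects inputs the three substrings do not anticipate. The refusal goes out through `die()` with the default 200 status, so adding `http_response_code(400);` before it would make rejected names visible in access logs and monitoring. Since the misspelled `str_pos()` would have raised a fatal error on every request reaching this line, the path appears to have had no test or static-analysis coverage, and a request-level test with a traversal-style name is worth adding alongside the fix. The body of the `if` continues past the end of the hunk.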