From d648fc5a72861a179dc2d427c733c9fb9cd39d13 Mon Sep 17 00:00:00 2001
From: tifroz <hhardel@gmail.com>
Date: Wed, 16 Feb 2011 00:16:41 -0800
Subject: [PATCH] Allow x-domain xhr-polling with Origin: null for
 Chrome/Safari

---
 lib/socket.io/transports/xhr-polling.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/socket.io/transports/xhr-polling.js b/lib/socket.io/transports/xhr-polling.js
index 6ac6f389..35e66a18 100644
--- a/lib/socket.io/transports/xhr-polling.js
+++ b/lib/socket.io/transports/xhr-polling.js
@@ -69,7 +69,7 @@ Polling.prototype._write = function(message){
     var headers = {'Content-Type': 'text/plain; charset=UTF-8', 'Content-Length': Buffer.byteLength(message)};
     // https://developer.mozilla.org/En/HTTP_Access_Control
     if (this.request.headers.origin && this._verifyOrigin(this.request.headers.origin)){
-      headers['Access-Control-Allow-Origin'] = this.request.headers.origin;
+      headers['Access-Control-Allow-Origin'] = (this.request.headers.origin === 'null' ? '*' : this.request.headers.origin);
       if (this.request.headers.cookie) headers['Access-Control-Allow-Credentials'] = 'true';
     }
     this.response.writeHead(200, headers);