diff --git a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java
index 238c965d8..ba5cfc3e6 100644
--- a/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java
+++ b/fine-socketio/src/main/java/com/fr/third/socketio/handler/EncoderHandler.java
@@ -190,16 +190,13 @@ public class EncoderHandler extends ChannelOutboundHandlerAdapter {
             res.headers().add(HttpHeaderNames.SERVER, version);
         }
 
-        if (configuration.getOrigin() != null) {
-            res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, configuration.getOrigin());
-            res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE);
-        } else {
-            if (origin != null) {
-                res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
-                res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE);
-            } else {
-                res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, "*");
+        if (origin != null) {
+            String configOrigin = configuration.getOrigin();
+            if (configOrigin != null && !"".equals(configOrigin) && !configOrigin.contains(origin)) {
+                throw new IllegalArgumentException();
             }
+            res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN, origin);
+            res.headers().add(HttpHeaderNames.ACCESS_CONTROL_ALLOW_CREDENTIALS, Boolean.TRUE);
         }
     }