# File lib/rack/cors.rb, line 189 def origin_for_response_header(origin) return '*' if public_resource? && !credentials origin == 'file://' ? 'null' : origin end