# File lib/rack/cors.rb, line 189
          def origin_for_response_header(origin)
            return '*' if public_resource? && !credentials
            origin == 'file://' ? 'null' : origin
          end