diff --git a/src/Http/Handlers/SockChatHandler.php b/src/Http/Handlers/SockChatHandler.php
index 29a3a5ff..bbf5e54a 100644
--- a/src/Http/Handlers/SockChatHandler.php
+++ b/src/Http/Handlers/SockChatHandler.php
@@ -395,15 +395,16 @@ final class SockChatHandler extends Handler {
 }
 public function token(HttpResponse $response, HttpRequest $request) {
- $httpOrigin = $request->getHeaderLine('Origin');
+ $host = $request->getHeaderLine('Host');
+ $origin = strtolower(parse_url($request->getHeaderLine('Origin'), PHP_URL_HOST));
- if(!empty($httpOrigin)) {
+ if(!empty($origin) && $origin !== $host) {
 $whitelist = Config::get('sockChat.origins', Config::TYPE_ARR, []);
- if(!in_array($httpOrigin, $whitelist))
+ if(!in_array($origin, $whitelist))
 return 403;
- $request->setHeader('Access-Control-Allow-Origin', $httpOrigin);
+ $request->setHeader('Access-Control-Allow-Origin', $origin);
 $request->setHeader('Access-Control-Allow-Methods', 'OPTIONS, GET');
 $request->setHeader('Access-Control-Allow-Credentials', 'true');
 $request->setHeader('Vary', 'Origin');
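Review bot: The new `Access-Control-Allow-Origin` line now echoes `$origin`, which after `parse_url(..., PHP_URL_HOST)` is only the lowercased hostname; browsers compare that header against the full serialized origin (`scheme://host[:port]`), so a bare hostname is rejected and credentialed cross-origin requests from whitelisted sites will fail. Keep the raw header for the response while still matching on the parsed host: `$httpOrigin = $request->getHeaderLine('Origin');` alongside the existing parse, and `$request->setHeader('Access-Control-Allow-Origin', $httpOrigin);` in the response. Note also that matching on host alone drops the scheme, so a plaintext `http://` origin of a whitelisted host now passes — if the whitelist is meant to be HTTPS-only, check `parse_url(..., PHP_URL_SCHEME)` as well, and pass `true` as the third argument to `in_array`. The `$origin !== $host` short-circuit compares a lowercased host-only value against the raw `Host` header, which may carry a port or mixed case, so same-origin requests can presumably fall through to the whitelist path — confirm against how `Host` is normalized upstream. The body of `token()` continues past the end of this hunk.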