diff --git a/src/utils/internal/cors.ts b/src/utils/internal/cors.ts
index 4648e440..e47e26a1 100644
--- a/src/utils/internal/cors.ts
+++ b/src/utils/internal/cors.ts
@@ -79,17 +79,19 @@ export function createOriginHeaders(
   const { origin: originOption } = options;
   const origin = event.request.headers.get("origin");
 
-  if (!origin || !originOption || originOption === "*") {
+  if (!originOption || originOption === "*") {
     return { "access-control-allow-origin": "*" };
   }
 
-  if (typeof originOption === "string") {
-    return { "access-control-allow-origin": originOption, vary: "origin" };
+  if (originOption === "null") {
+    return { "access-control-allow-origin": "null", vary: "origin" };
   }
 
-  return isCorsOriginAllowed(origin, options)
-    ? { "access-control-allow-origin": origin, vary: "origin" }
-    : {};
+  if (origin && isCorsOriginAllowed(origin, options)) {
+    return { "access-control-allow-origin": origin, vary: "origin" };
+  }
+
+  return {};
 }
 
 /**