diff --git a/lib/socket.io/transports/xhr-multipart.js b/lib/socket.io/transports/xhr-multipart.js
index df51cc034f..bf205ea6f2 100644
--- a/lib/socket.io/transports/xhr-multipart.js
+++ b/lib/socket.io/transports/xhr-multipart.js
@@ -11,7 +11,7 @@ Multipart.prototype._onConnect = function(req, res){
 	var self = this, body = '', headers = {};
 	// https://developer.mozilla.org/En/HTTP_Access_Control
 	if (req.headers.origin && this._verifyOrigin(req.headers.origin)){
-		headers['Access-Control-Allow-Origin'] = req.headers.origin;
+		headers['Access-Control-Allow-Origin'] = '*';
 		headers['Access-Control-Allow-Credentials'] = 'true';
 	}
 	if (typeof req.headers['access-control-request-method'] !== 'undefined'){
diff --git a/lib/socket.io/transports/xhr-polling.js b/lib/socket.io/transports/xhr-polling.js
index 732e6a331c..a02b513263 100644
--- a/lib/socket.io/transports/xhr-polling.js
+++ b/lib/socket.io/transports/xhr-polling.js
@@ -26,7 +26,7 @@ Polling.prototype._onConnect = function(req, res){
 				var headers = {'Content-Type': 'text/plain'};
 				if (req.headers.origin){
 					if (self._verifyOrigin(req.headers.origin)){
-						headers['Access-Control-Allow-Origin'] = req.headers.origin;
+						headers['Access-Control-Allow-Origin'] = '*';
 						if (req.headers.cookie) headers['Access-Control-Allow-Credentials'] = 'true';
 					} else {
 						res.writeHead(401);
diff --git a/package.json b/package.json
new file mode 100644
index 0000000000..9fbe3c6d80
--- /dev/null
+++ b/package.json
@@ -0,0 +1,17 @@
+{ "name" : "socket.io"
+, "description" : "Sockets for the rest of us."
+, "version" : "0.5.2"
+, "author" : "LearnBoost"
+, "licenses" :
+  [ { "type" : "MIT"
+    , "url" : "http://github.com/maccman/Socket.IO-node/raw/master/README.md"
+    }
+  ]
+, "repository" :
+  { "type" : "git"
+  , "url" : "http://github.com/maccman/Socket.IO-node.git"
+  }
+, "engine" : [ "node >=0.1.102" ]
+, "main" : "./index"
+, "scripts" : { "test" : "make test" }
+}