diff --git a/lib/rack/cors/resources.rb b/lib/rack/cors/resources.rb
index ca8ec74..4d1d1a1 100644
--- a/lib/rack/cors/resources.rb
+++ b/lib/rack/cors/resources.rb
@@ -16,7 +16,7 @@ def initialize
       def origins(*args, &blk)
         @origins = args.flatten.reject { |s| s == '' }.map do |n|
           case n
-          when Proc, Regexp, %r{^https?://}, 'file://'
+          when Proc, Regexp, %r{^[a-z][a-z0-9.+-]*://}
             n
           when '*'
             @public_resources = true
diff --git a/test/unit/cors_test.rb b/test/unit/cors_test.rb
index bfa8a7b..81b4cb6 100644
--- a/test/unit/cors_test.rb
+++ b/test/unit/cors_test.rb
@@ -373,6 +373,12 @@ def load_app(name, options = {})
       last_response.headers['Access-Control-Allow-Origin'].must_equal 'file://'
     end
 
+    it 'supports custom protocols in origin' do
+      preflight_request('custom-protocol://abcdefg', '/')
+      last_response.must_render_cors_success
+      last_response.headers['Access-Control-Allow-Origin'].must_equal 'custom-protocol://abcdefg'
+    end
+
     describe '' do
       let(:app) do
         test = self
diff --git a/test/unit/test.ru b/test/unit/test.ru
index 0906784..b03b88b 100644
--- a/test/unit/test.ru
+++ b/test/unit/test.ru
@@ -10,7 +10,8 @@ use Rack::Cors do
             '127.0.0.1:3000',
             %r{http://192\.168\.0\.\d{1,3}(:\d+)?},
             'file://',
-            %r{http://(.*?)\.example\.com}
+            %r{http://(.*?)\.example\.com},
+            'custom-protocol://abcdefg'
 
     resource '/get-only', methods: :get
     resource '/', headers: :any, methods: :any