diff --git a/src/middleware.js b/src/middleware.js
index 830249e..c1f061c 100644
--- a/src/middleware.js
+++ b/src/middleware.js
@@ -18,11 +18,11 @@ export function middleware(request) {
   // retrieve the current response
   const res = NextResponse.next()
 
-  console.log('middleware cors', request)
+  console.log('middleware cors')
 
   // add the CORS headers to the response
   res.headers.append('Access-Control-Allow-Credentials', "true")
-  res.headers.append('Access-Control-Allow-Origin', '*') // replace this your actual origin
+  res.headers.append('Access-Control-Allow-Origin', request.origin) // replace this your actual origin
   res.headers.append('Access-Control-Allow-Methods', 'GET,DELETE,PATCH,POST,PUT')
   res.headers.append(
       'Access-Control-Allow-Headers',
diff --git a/src/pages/api/socket.js b/src/pages/api/socket.js
index 3ed6958..bbd376c 100644
--- a/src/pages/api/socket.js
+++ b/src/pages/api/socket.js
@@ -11,7 +11,7 @@ export const config = {
 
 const SocketHandler = (req, res) => {
   if (!res.socket.server.io) {
-    const path = '/api/socket'
+    const path = '/api/socket/'
     const httpServer = res.socket.server
     const io = new IOServer(httpServer, {
       path,