diff --git a/src/marauroa/server/net/web/WebSocketChannel.java b/src/marauroa/server/net/web/WebSocketChannel.java
index 5c80daaf..a93901b3 100644
--- a/src/marauroa/server/net/web/WebSocketChannel.java
+++ b/src/marauroa/server/net/web/WebSocketChannel.java
@@ -64,7 +64,7 @@ public void onOpen(Session session, EndpointConfig config) {
 		String origin = params.get("origin").get(0);
 		try {
 			String expectedOrigin = Configuration.getConfiguration().get("http_origin");
-			if ((expectedOrigin != null) && !expectedOrigin.equals(origin)) {
+			if (!validateOrigin(origin, expectedOrigin)) {
 				logger.warn("Expected origin " + expectedOrigin + " from client " + address + " but got " + origin);
 				close();
 				return;
@@ -85,6 +85,20 @@ public void onOpen(Session session, EndpointConfig config) {
 	}
 
 
+	private boolean validateOrigin(String origin, String expectedOrigin) {
+		if (expectedOrigin == null) {
+			return true;
+		}
+		String[] expectedOrigins = expectedOrigin.split(",");
+		for (String exp : expectedOrigins) {
+			if (exp.equals(origin)) {
+				return true;
+			}
+		}
+		return false;
+	}
+
+
 	@OnMessage
 	public void onWebSocketText(String message) {
 		String msg = DebugInterface.get().onMessage(useragent, message);