diff --git a/lib/http-server.js b/lib/http-server.js
index 27138ca06..f69f7fc53 100644
--- a/lib/http-server.js
+++ b/lib/http-server.js
@@ -18,6 +18,10 @@ var HTTPServer = exports.HTTPServer = function (options) {
       this.root = './';
     }
   }
+  
+  if (options.headers) {
+    this.headers = options.headers; 
+  }
 
   this.cache = options.cache || 3600; // in seconds.
   this.autoIndex = options.autoIndex !== false;
@@ -27,7 +31,8 @@ var HTTPServer = exports.HTTPServer = function (options) {
         autoIndex: this.autoIndex,
         cache: this.cache
       })
-    ]
+    ],
+    headers: this.headers || {}
   });
 };
 
diff --git a/test/http-server-test.js b/test/http-server-test.js
index 594a010c6..21e0164e0 100644
--- a/test/http-server-test.js
+++ b/test/http-server-test.js
@@ -11,7 +11,11 @@ vows.describe('http-server').addBatch({
   'When http-server is listening on 8080': {
     topic: function () {
       var server = httpServer.createServer({
-        root: root
+        root: root,
+        headers: {
+          'Access-Control-Allow-Origin': '*',
+          'Access-Control-Allow-Credentials': 'true'
+        }
       });
       server.listen(8080);
       this.callback(null, server);
@@ -52,7 +56,15 @@ vows.describe('http-server').addBatch({
         assert.include(body, '/file');
         assert.include(body, '/canYouSeeMe');
       }
+    },
+    'and options include custom set http-headers': {
+      topic: function () {
+        request('http://127.0.0.1:8080/', this.callback);
+      },
+      'should respond with headers set in options': function (err, res, body) {
+        assert.equal(res.headers['access-control-allow-origin'], '*');
+        assert.equal(res.headers['access-control-allow-credentials'], 'true');
+      }
     }
   }
 }).export(module);
-