diff --git a/cors.go b/cors.go
index 4113437..6c49c84 100644
--- a/cors.go
+++ b/cors.go
@@ -26,6 +26,9 @@ type Config struct {
 	// cross-domain requests. Default value is simple methods (GET, POST, PUT, PATCH, DELETE, HEAD, and OPTIONS)
 	AllowMethods []string
 
+	// AllowPrivateNetwork indicates whether the response should include allow private network header
+	AllowPrivateNetwork bool
+
 	// AllowHeaders is list of non simple headers the client is allowed to use with
 	// cross-domain requests.
 	AllowHeaders []string
diff --git a/cors_test.go b/cors_test.go
index 17ee3d5..c87d60a 100644
--- a/cors_test.go
+++ b/cors_test.go
@@ -168,6 +168,15 @@ func TestGeneratePreflightHeaders_AllowCredentials(t *testing.T) {
 	assert.Len(t, header, 2)
 }
 
+func TestGeneratePreflightHeaders_AllowPrivateNetwork(t *testing.T) {
+	header := generatePreflightHeaders(Config{
+		AllowPrivateNetwork: true,
+	})
+	assert.Equal(t, header.Get("Access-Control-Allow-Private-Network"), "true")
+	assert.Equal(t, header.Get("Vary"), "Origin")
+	assert.Len(t, header, 2)
+}
+
 func TestGeneratePreflightHeaders_AllowMethods(t *testing.T) {
 	header := generatePreflightHeaders(Config{
 		AllowMethods: []string{"GET ", "post", "PUT", " put  "},
diff --git a/utils.go b/utils.go
index 460ef17..b98e90b 100644
--- a/utils.go
+++ b/utils.go
@@ -45,6 +45,11 @@ func generatePreflightHeaders(c Config) http.Header {
 		value := strconv.FormatInt(int64(c.MaxAge/time.Second), 10)
 		headers.Set("Access-Control-Max-Age", value)
 	}
+
+	if c.AllowPrivateNetwork {
+		headers.Set("Access-Control-Allow-Private-Network", "true")
+	}
+
 	if c.AllowAllOrigins {
 		headers.Set("Access-Control-Allow-Origin", "*")
 	} else {