diff --git a/packages/cli/src/commands/server/middleware/getSecurityHeadersMiddleware.ts b/packages/cli/src/commands/server/middleware/getSecurityHeadersMiddleware.ts
index 498ce8b6f..5fedf4898 100644
--- a/packages/cli/src/commands/server/middleware/getSecurityHeadersMiddleware.ts
+++ b/packages/cli/src/commands/server/middleware/getSecurityHeadersMiddleware.ts
@@ -11,13 +11,10 @@ export default function getSecurityHeadersMiddleware(
   res: http.ServerResponse,
   next: (err?: any) => void,
 ) {
-  // @ts-ignore Property 'client' does not exist on type 'IncomingMessage', verify
-  const address = req.client.server.address();
-
   // Block any cross origin request.
   if (
-    req.headers.origin &&
-    req.headers.origin !== `http://localhost:${address.port}`
+    typeof req.headers.origin === 'string' &&
+    !req.headers.origin.match(/^https?:\/\/localhost:/)
   ) {
     next(
       new Error(