diff --git a/README.md b/README.md
index 6d9673b..b1387a8 100644
--- a/README.md
+++ b/README.md
@@ -20,9 +20,10 @@ const corsMiddleware = require('restify-cors-middleware')
 
 const cors = corsMiddleware({
   preflightMaxAge: 5, //Optional
-  origins: ['http://api.myapp.com', 'http://web.myapp.com'],
-  allowHeaders: ['API-Token'],
-  exposeHeaders: ['API-Token-Expiry']
+  credentials: true, //Optional, default false
+  origins: ['http://api.myapp.com', 'http://web.myapp.com'], //Optional, default ['*']
+  allowHeaders: ['API-Token'], //Optional, default []
+  exposeHeaders: ['API-Token-Expiry'] //Optional, default []
 })
 
 server.pre(cors.preflight)
diff --git a/src/origin-matcher.js b/src/origin-matcher.js
index ddfdf3e..d1f320f 100644
--- a/src/origin-matcher.js
+++ b/src/origin-matcher.js
@@ -5,20 +5,27 @@ exports.create = function (allowedOrigins) {
   // does a given request Origin match the list?
   return function (requestOrigin) {
     if (requestOrigin) {
-      return matchers.some(matcher => matcher(requestOrigin))
-    } else {
-      return false
+      return matchers.some(function (matcher) {
+        return matcher(requestOrigin)
+      })
     }
+
+    return false
   }
 }
 
 function createMatcher (allowedOrigin) {
   if (allowedOrigin.indexOf('*') === -1) {
     // simple string comparison
-    return requestOrigin => requestOrigin === allowedOrigin
-  } else {
-    // need to build a regex
-    var regex = '^' + allowedOrigin.replace('.', '\\.').replace('*', '.*') + '$'
-    return requestOrigin => requestOrigin.match(regex)
+    return function (requestOrigin) {
+      return requestOrigin === allowedOrigin
+    }
+  }
+
+  // need to build a regex
+  var regex = '^' + allowedOrigin.replace('.', '\\.').replace('*', '.*') + '$'
+
+  return function (requestOrigin) {
+    return requestOrigin.match(regex)
   }
 }