diff --git a/README b/README
index b6dcdcc..c297f05 100644
--- a/README
+++ b/README
@@ -74,6 +74,9 @@ The fields are as follows:
 
 - `admin` defines the users allowed to look at the `/stats.html` file; it
   has the same syntax as user definitions in groups (see below).
+- `publicServer`: if true, then cross-origin access to the server is
+  allowed.  This is safe if the server is on the public Internet, but not
+  necessarily so if it is on a private network.
 - `proxyURL`: if running behind a reverse proxy, this specifies the
   address of the proxy.
 - `canonicalHost`: the canonical name of the host running the server; this
diff --git a/group/group.go b/group/group.go
index accedaa..ff76b26 100644
--- a/group/group.go
+++ b/group/group.go
@@ -854,6 +854,7 @@ type Configuration struct {
 	modTime  time.Time `json:"-"`
 	fileSize int64     `json:"-"`
 
+	PublicServer  bool            `json:"publicServer"`
 	CanonicalHost string          `json:"canonicalHost"`
 	ProxyURL      string          `json:"proxyURL"`
 	Admin         []ClientPattern `json:"admin"`
diff --git a/webserver/webserver.go b/webserver/webserver.go
index 3b1d21c..01bab76 100644
--- a/webserver/webserver.go
+++ b/webserver/webserver.go
@@ -479,8 +479,26 @@ var wsUpgrader = websocket.Upgrader{
 	HandshakeTimeout: 30 * time.Second,
 }
 
+var wsPublicUpgrader = websocket.Upgrader{
+	HandshakeTimeout: 30 * time.Second,
+	CheckOrigin: func(r *http.Request) bool {
+		return true
+	},
+}
+
 func wsHandler(w http.ResponseWriter, r *http.Request) {
-	conn, err := wsUpgrader.Upgrade(w, r, nil)
+	conf, err := group.GetConfiguration()
+	if err != nil {
+		http.Error(w, "Internal server error",
+			http.StatusInternalServerError)
+		return
+	}
+	upgrader := wsUpgrader
+	if conf.PublicServer {
+		upgrader = wsPublicUpgrader
+	}
+
+	conn, err := upgrader.Upgrade(w, r, nil)
 	if err != nil {
 		log.Printf("Websocket upgrade: %v", err)
 		return