diff --git a/lib/rack/cors/resource.rb b/lib/rack/cors/resource.rb
index a1e59cc..4c7da4a 100644
--- a/lib/rack/cors/resource.rb
+++ b/lib/rack/cors/resource.rb
@@ -66,7 +66,7 @@ def to_headers(env)
           'access-control-max-age' => max_age.to_s
         }
         h['access-control-allow-credentials'] = 'true' if credentials
-        h
+        Gem.loaded_specs['rack'].version >= Gem::Version.new('3') ? h : Rack::Utils::HeaderHash.new(h)
       end
 
       protected