diff --git a/Sources/Vapor/Deprecations/CORSMiddleware+AllowOriginSetting.swift b/Sources/Vapor/Deprecations/CORSMiddleware+AllowOriginSetting.swift
new file mode 100644
index 0000000000..147355057b
--- /dev/null
+++ b/Sources/Vapor/Deprecations/CORSMiddleware+AllowOriginSetting.swift
@@ -0,0 +1,6 @@
+extension CORSMiddleware.AllowOriginSetting {
+    @available(*, deprecated, renamed: "any")
+    public static func whitelist(_ origins: [String]) -> Self {
+        .any(origins)
+    }
+}
diff --git a/Sources/Vapor/Middleware/CORSMiddleware.swift b/Sources/Vapor/Middleware/CORSMiddleware.swift
index 56373fcf2a..634f0c21b5 100644
--- a/Sources/Vapor/Middleware/CORSMiddleware.swift
+++ b/Sources/Vapor/Middleware/CORSMiddleware.swift
@@ -9,7 +9,7 @@ public final class CORSMiddleware: Middleware {
     /// - none: Disallows any origin.
     /// - originBased: Uses value of the origin header in the request.
     /// - all: Uses wildcard to allow any origin.
-    /// - whitelist: Uses a whitelist of allowable origins.
+    /// - any: A list of allowable origins.
     /// - custom: Uses custom string provided as an associated value.
     public enum AllowOriginSetting {
         /// Disallow any origin.
@@ -21,8 +21,8 @@ public final class CORSMiddleware: Middleware {
         /// Uses wildcard to allow any origin.
         case all
         
-        // Uses a whitelist of allowable origins.
-        case whitelist([String])
+        /// A list of allowable origins.
+        case any([String])
 
         /// Uses custom string provided as an associated value.
         case custom(String)
@@ -36,7 +36,7 @@ public final class CORSMiddleware: Middleware {
             case .none: return ""
             case .originBased: return req.headers[.origin].first ?? ""
             case .all: return "*"
-            case .whitelist(let origins):
+            case .any(let origins):
                 guard let origin = req.headers[.origin].first else {
                     return ""
                 }