diff --git a/framework/src/com/phonegap/DroidGap.java b/framework/src/com/phonegap/DroidGap.java
index 149b49b8..59e4a15d 100755
--- a/framework/src/com/phonegap/DroidGap.java
+++ b/framework/src/com/phonegap/DroidGap.java
@@ -1930,24 +1930,24 @@ public class DroidGap extends PhonegapActivity {
         // Unlimited access to network resources
         if(origin.compareTo("*") == 0) {
             LOG.d(TAG, "Unlimited access to network resources");
-            whiteList.add(Pattern.compile("*"));
+            whiteList.add(Pattern.compile(".*"));
         } else { // specific access
           // check if subdomains should be included
           // TODO: we should not add more domains if * has already been added
           if (subdomains) {
               // XXX making it stupid friendly for people who forget to include protocol/SSL
               if(origin.startsWith("http")) {
-                whiteList.add(Pattern.compile(origin.replaceFirst("https{0,1}://", "^https{0,1}://.*")));
+                whiteList.add(Pattern.compile(origin.replaceFirst("https?://", "^https?://(.*\\.)?")));
               } else {
-                whiteList.add(Pattern.compile("^https{0,1}://.*"+origin));
+                whiteList.add(Pattern.compile("^https?://(.*\\.)?"+origin));
               }
               LOG.d(TAG, "Origin to allow with subdomains: %s", origin);
           } else {
               // XXX making it stupid friendly for people who forget to include protocol/SSL
               if(origin.startsWith("http")) {
-                whiteList.add(Pattern.compile(origin.replaceFirst("https{0,1}://", "^https{0,1}://")));
+                whiteList.add(Pattern.compile(origin.replaceFirst("https?://", "^https?://")));
               } else {
-                whiteList.add(Pattern.compile("^https{0,1}://"+origin));
+                whiteList.add(Pattern.compile("^https?://"+origin));
               }
               LOG.d(TAG, "Origin to allow: %s", origin);
           }