今天在公司官网，控制台发现这个：

文字如下： Failed to load https://www.xxx.com:7001/socket.io/?EIO=3&transport=polling&t=1520584510239-0: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. Origin ‘https://www.xx.com’ is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

这是之前的人做的，我只是维护，soket这部分从来没有动过，以前也没发现问题。网上搜了一下，相关信息不多，感觉都没在点子上。请问这种情况是怎么回事？怎么修复？