diff --git a/chalice/local.py b/chalice/local.py
index 1d430228eb..85ee47c185 100644
--- a/chalice/local.py
+++ b/chalice/local.py
@@ -9,7 +9,7 @@
 from six.moves.BaseHTTPServer import BaseHTTPRequestHandler
 
 from chalice.app import Chalice, CORSConfig  # noqa
-from typing import List, Any, Dict, Tuple, Callable # noqa
+from typing import List, Any, Dict, Tuple, Callable  # noqa
 from chalice.compat import urlparse, parse_qs
 
 
diff --git a/tests/integration/test_features.py b/tests/integration/test_features.py
index d5a3570707..a3134e4182 100644
--- a/tests/integration/test_features.py
+++ b/tests/integration/test_features.py
@@ -188,7 +188,8 @@ def test_can_support_cors(smoke_test_app):
     headers = response.headers
     assert headers['Access-Control-Allow-Origin'] == '*'
     assert headers['Access-Control-Allow-Headers'] == (
-        'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token')
+        'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,'
+        'X-Api-Key')
     assert headers['Access-Control-Allow-Methods'] == 'GET,POST,PUT,OPTIONS'
 
 
@@ -203,11 +204,15 @@ def test_can_support_custom_cors(smoke_test_app):
     response = requests.options(smoke_test_app.url + '/custom_cors')
     response.raise_for_status()
     headers = response.headers
+    print(headers)
     assert headers['Access-Control-Allow-Origin'] == expected_allow_origin
     assert headers['Access-Control-Allow-Headers'] == (
-        'X-Special-Header,Content-Type,X-Amz-Date,Authorization,X-Api-Key,'
-        'X-Amz-Security-Token')
+        'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,'
+        'X-Api-Key,X-Special-Header')
     assert headers['Access-Control-Allow-Methods'] == 'GET,POST,PUT,OPTIONS'
+    assert headers['Access-Control-Max-Age'] == '600'
+    assert headers['Access-Control-Expose-Headers'] == 'X-Special-Header'
+    assert headers['Access-Control-Allow-Credentials'] == 'true'
 
 
 def test_to_dict_is_also_json_serializable(smoke_test_app):
diff --git a/tests/integration/testapp/app.py b/tests/integration/testapp/app.py
index fba92e8729..98c5120320 100644
--- a/tests/integration/testapp/app.py
+++ b/tests/integration/testapp/app.py
@@ -1,6 +1,10 @@
 from chalice import Chalice, BadRequestError, NotFoundError, Response,\
     CORSConfig
-from chalice.compat import parse_qs
+
+try:
+    from urllib.parse import parse_qs
+except:
+    from urlparse import parse_qs
 
 # This is a test app that is used by integration tests.
 # This app exercises all the major features of chalice
@@ -81,7 +85,7 @@ def supports_cors():
     allow_headers=['X-Special-Header'],
     max_age=600,
     expose_headers=['X-Special-Header'],
-    allow_credentials=False))
+    allow_credentials=True))
 def supports_custom_cors():
     return {'cors': True}