diff --git a/CHANGELOG.md b/CHANGELOG.md
index f9bea82..c9b2dda 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 # Change Log
 
+## 3.0.4
+Handle response.headers being None. (Fixes issue #217)
+
 ## 3.0.3
 Ensure that an Origin of '*' is never sent if supports_credentials is True (fixes Issue #202)
 * If `always_send=True`, and `'*'` is in the allowed origins, and a request is made without an Origin header, no `Access-Control-Allow-Origins` header will now be returned. This is breaking if you depended on it, but was a bug as it goes against the spec.
diff --git a/flask_cors/version.py b/flask_cors/version.py
index d298347..9a8a1b1 100644
--- a/flask_cors/version.py
+++ b/flask_cors/version.py
@@ -1 +1 @@
-__version__ = '3.0.3'
+__version__ = '3.0.4'