diff --git a/middleware/cors_test.go b/middleware/cors_test.go
index daadbab6e..472f36013 100644
--- a/middleware/cors_test.go
+++ b/middleware/cors_test.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"net/http"
 	"net/http/httptest"
+	"strings"
 	"testing"
 
 	"github.com/labstack/echo/v4"
@@ -458,7 +459,9 @@ func TestCorsHeaders(t *testing.T) {
 			e.ServeHTTP(rec, req)
 
 			assert.Equal(t, echo.HeaderOrigin, rec.Header().Get(echo.HeaderVary))
-			assert.Equal(t, tc.expectAllowHeader, rec.Header().Get(echo.HeaderAllow))
+			assert.ElementsMatch(t,
+				strings.Split(tc.expectAllowHeader, ","),
+				strings.Split(rec.Header().Get(echo.HeaderAllow), ","))
 			assert.Equal(t, tc.expectStatus, rec.Code)
 
 			expectedAllowOrigin := ""
diff --git a/router_test.go b/router_test.go
index f6736e677..2d66710f6 100644
--- a/router_test.go
+++ b/router_test.go
@@ -780,7 +780,9 @@ func TestMethodNotAllowedAndNotFound(t *testing.T) {
 			}
 			checkUnusedParamValues(t, c, tc.expectParam)
 
-			assert.Equal(t, tc.expectAllowHeader, c.Response().Header().Get(HeaderAllow))
+			assert.ElementsMatch(t,
+				strings.Split(tc.expectAllowHeader, ","),
+				strings.Split(c.Response().Header().Get(HeaderAllow), ","))
 		})
 	}
 }
@@ -2380,9 +2382,9 @@ func TestRouterHandleMethodOptions(t *testing.T) {
 				assert.NoError(t, err)
 				assert.Equal(t, tc.expectStatus, rec.Code)
 			}
-			expect := strings.Split(tc.expectAllowHeader, ",")
-			actual := strings.Split(c.Response().Header().Get("Allow"), ",")
-			assert.ElementsMatch(t, expect, actual)
+			assert.ElementsMatch(t,
+				strings.Split(tc.expectAllowHeader, ","),
+				strings.Split(c.Response().Header().Get(HeaderAllow), ","))
 		})
 	}
 }