diff --git a/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java b/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java
index e92ccd04e29..1c9bc49fd01 100644
--- a/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java
+++ b/spring-web/src/main/java/org/springframework/web/cors/CorsConfiguration.java
@@ -123,7 +123,7 @@ public class CorsConfiguration {
 	 * value may be one of the following:
 	 * <ul>
 	 * <li>a specific domain, e.g. {@code "https://domain1.com"}
-	 * <li>coma-delimited list of specific domains, e.g.
+	 * <li>comma-delimited list of specific domains, e.g.
 	 * {@code "https://a1.com,https://a2.com"}; this is convenient when a value
 	 * is resolved through a property placeholder, e.g. {@code "${origin}"};
 	 * note that such placeholders must be resolved externally.
@@ -177,7 +177,7 @@ public class CorsConfiguration {
 		else if (this.allowedOrigins == DEFAULT_PERMIT_ALL && CollectionUtils.isEmpty(this.allowedOriginPatterns)) {
 			setAllowedOrigins(DEFAULT_PERMIT_ALL);
 		}
-		parseComaDelimitedOrigin(origin, value -> {
+		parseCommaDelimitedOrigin(origin, value -> {
 			value = trimTrailingSlash(value);
 			this.allowedOrigins.add(value);
 		});
@@ -193,7 +193,7 @@ public class CorsConfiguration {
 	 * domain1.com on port 8080 or port 8081
 	 * <li>{@literal https://*.domain1.com:[*]} -- domains ending with
 	 * domain1.com on any port, including the default port
-	 * <li>coma-delimited list of patters, e.g.
+	 * <li>comma-delimited list of patters, e.g.
 	 * {@code "https://*.a1.com,https://*.a2.com"}; this is convenient when a
 	 * value is resolved through a property placeholder, e.g. {@code "${origin}"};
 	 * note that such placeholders must be resolved externally.
@@ -245,7 +245,7 @@ public class CorsConfiguration {
 		if (this.allowedOriginPatterns == null) {
 			this.allowedOriginPatterns = new ArrayList<>(4);
 		}
-		parseComaDelimitedOrigin(originPattern, value -> {
+		parseCommaDelimitedOrigin(originPattern, value -> {
 			value = trimTrailingSlash(value);
 			this.allowedOriginPatterns.add(new OriginPattern(value));
 			if (this.allowedOrigins == DEFAULT_PERMIT_ALL) {
@@ -254,7 +254,7 @@ public class CorsConfiguration {
 		});
 	}
 
-	private static void parseComaDelimitedOrigin(String rawValue, Consumer<String> valueConsumer) {
+	private static void parseCommaDelimitedOrigin(String rawValue, Consumer<String> valueConsumer) {
 		if (rawValue.indexOf(',') == -1) {
 			valueConsumer.accept(rawValue);
 			return;
diff --git a/spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java b/spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java
index 17945152289..56724055827 100644
--- a/spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java
+++ b/spring-web/src/test/java/org/springframework/web/cors/CorsConfigurationTests.java
@@ -291,7 +291,7 @@ class CorsConfigurationTests {
 		config.setAllowCredentials(true);
 		assertThatIllegalArgumentException().isThrownBy(() -> config.checkOrigin("https://domain.com"));
 
-		// coma-delimited origins list
+		// comma-delimited origins list
 		config.setAllowedOrigins(Collections.singletonList("https://a1.com,https://a2.com"));
 		assertThat(config.checkOrigin("https://a1.com")).isEqualTo("https://a1.com");
 		assertThat(config.checkOrigin("https://a2.com/")).isEqualTo("https://a2.com/");