diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/CORSFilter.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/CORSFilter.java
index 90e4dd67..e5eea41f 100644
--- a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/CORSFilter.java
+++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/CORSFilter.java
@@ -1,38 +1,36 @@
 package com.anjiplus.template.gaea.business.filter;
 
-import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
 import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
 
 import javax.servlet.*;
-import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 /**
  * Created by raodeming on 2021/6/24.
  */
-@Configuration
-@WebFilter(filterName = "CorsFilter ")
+@Component
 @Order(Ordered.HIGHEST_PRECEDENCE)
 public class CORSFilter implements Filter {
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
             throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest) request;
         HttpServletResponse res = (HttpServletResponse) response;
         // 设置允许Cookie
         res.addHeader("Access-Control-Allow-Credentials", "true");
         // 允许http://www.xxx.com域（自行设置，这里只做示例）发起跨域请求
-        res.addHeader("Access-Control-Allow-Origin", "*");
+        res.addHeader("Access-Control-Allow-Origin", req.getHeader("Origin"));
         // 设置允许跨域请求的方法
-        res.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
+        res.addHeader("Access-Control-Allow-Methods", "*");
         // 允许跨域请求包含content-type
         res.addHeader("Access-Control-Allow-Headers", "*");
-//        if (((HttpServletRequest) request).getMethod().equals("OPTIONS")) {
-//            response.getWriter().println("ok");
-//        }
-        chain.doFilter(request, response);
+        res.addHeader("Access-Control-Expose-Headers", "*");
+        chain.doFilter(req, res);
     }
 
     @Override
diff --git a/report-ui/src/api/axios.js b/report-ui/src/api/axios.js
index 458975f3..93561583 100644
--- a/report-ui/src/api/axios.js
+++ b/report-ui/src/api/axios.js
@@ -10,7 +10,6 @@ const service = axios.create({
   timeout: 60000,
   headers: {
     'Content-Type': 'application/json',
-    'Authorization': getItem('token')
   }
 })
 
diff --git a/report-ui/src/utils/request.js b/report-ui/src/utils/request.js
index 7744512e..cd85d485 100644
--- a/report-ui/src/utils/request.js
+++ b/report-ui/src/utils/request.js
@@ -12,9 +12,7 @@ const service = axios.create({
 // request拦截器
 service.interceptors.request.use(
   config => {
-    if (store.getters.token) {
-      config.headers['X-Token'] = getToken() // 让每个请求携带自定义token 请根据实际情况自行修改
-    }
+    config.headers['Authorization'] =  (getToken() == null || getToken() == undefined) ? '': getToken()
     return config
   },
   error => {