diff --git a/src/main/java/com/sztzjy/forex/trading_trading/config/exception/handler/CustomAuthenticationEntryPoint.java b/src/main/java/com/sztzjy/forex/trading_trading/config/exception/handler/CustomAuthenticationEntryPoint.java
index 22c5c9f..2d85d65 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/config/exception/handler/CustomAuthenticationEntryPoint.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/config/exception/handler/CustomAuthenticationEntryPoint.java
@@ -25,7 +25,7 @@ public class CustomAuthenticationEntryPoint implements AuthenticationEntryPoint
 // 当用户尝试访问安全的REST资源而不提供任何凭据时,将调用此方法发送401 响应
 response.setCharacterEncoding("UTF-8");
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
+// response.addHeader("Access-Control-Allow-Origin", "*");
 response.addHeader("Content-Type", "application/json");
 Throwable cause = authException.getCause();
 PrintWriter printWriter = response.getWriter();
diff --git a/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java b/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
index b7db418..3d9d00e 100644
--- a/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
+++ b/src/main/java/com/sztzjy/forex/trading_trading/config/security/AuthenticationFilter.java
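Review bot: The wildcard `Access-Control-Allow-Origin` line in CustomAuthenticationEntryPoint is commented out rather than deleted, which leaves a one-keystroke path back to `*` on an authentication error response; delete the line outright. With the header gone here and in the five catch blocks of AuthenticationFilter, these 401 responses carry a CORS header only if a central CORS configuration runs ahead of them in the filter chain. Nothing in this diff shows such a configuration, so confirm that it exists and that it lists explicit origins rather than `*`. The method body continues outside the hunk.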
@@ -67,28 +67,23 @@ public class AuthenticationFilter extends OncePerRequestFilter {
 response.setCharacterEncoding("UTF-8");
 } catch (ExpiredJwtException e1) {
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
 response.getWriter().print("Token已过期");
 return;
 } catch (UnsupportedJwtException e2) {
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
 response.getWriter().print("不支持的Token");
 return;
 } catch (MalformedJwtException e3) {
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
 response.getWriter().print("无效的Token格式");
 return;
 } catch (SignatureException e4) {
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
 response.getWriter().print("无效的Token签名");
 return;
 } catch (Exception e5) {
 response.setStatus(HttpStatus.UNAUTHORIZED.value());
- response.addHeader("Access-Control-Allow-Origin", "*");
 response.getWriter().print("无效的Token");
 return;
 }
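Review bot: None of the five catch blocks uses its exception variable, so a token that fails signature verification (`SignatureException e4`) is rejected without any server-side record, and repeated rejected tokens would not show up in logs. Each branch should log the failure class (never the token itself) before writing the response, for example `log.warn("JWT rejected: {}", e4.getClass().getSimpleName());` with whatever logger the class already uses. The final `catch (Exception e5)` also turns any unexpected failure inside the try block, which starts outside this hunk, into a 401 with "无效的Token", so a server-side fault would be reported to the client as a bad token; logging it with its stack trace would make that visible. The five branches differ only in the message and could share one private helper that sets the status and writes the body.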