diff --git a/conf/nginx.conf b/conf/nginx.conf
index 53d0545..e5e9c17 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -25,7 +25,7 @@ http {
     #lua_ssl_verify_depth 3;
 
     #在Nginx启动时执行的Lua代码块
-    #初始化用户角色权限相关的共享内存
+    #oauth2.0第三方验证后将code放到共享内存中
     lua_shared_dict codeDict 5m;
     #init_by_lua_block {
     #    -- 定义一个全局变量
@@ -53,12 +53,15 @@ http {
         set $APP_PATH '/home/frankly/work/AuthPlatform';
 
         #访问时允许跨域处理
-	    access_by_lua_block {
-            ngx.header["Access-Control-Allow-Origin"] = "*"
-            ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT"
-            ngx.header["Access-Control-Allow-Headers"] = "Content-Type, Authorization"
+        access_by_lua_block {
+            ngx.header["Access-Control-Allow-Origin"] = "*";
+            ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT";
+            ngx.header["Access-Control-Allow-Headers"] = "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range";
+            ngx.header["Access-Control-Max-Age"] = 1728000;
+            ngx.header["Access-Control-Expose-Headers"] = "Content-Length,Content-Range";
             if ngx.var.request_method == "OPTIONS" then
-                ngx.exit(ngx.HTTP_NOT_ALLOWED)
+                ngx.status = 204
+                ngx.exit(ngx.OK)
             end
         }