diff --git a/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-cookie-server/src/main/java/com/pj/test/SaTokenConfigure.java b/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-cookie-server/src/main/java/com/pj/test/SaTokenConfigure.java
index 2618c8cb..dca70c2b 100644
--- a/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-cookie-server/src/main/java/com/pj/test/SaTokenConfigure.java
+++ b/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-cookie-server/src/main/java/com/pj/test/SaTokenConfigure.java
@@ -62,10 +62,11 @@ public class SaTokenConfigure implements WebMvcConfigurer {
         			.setHeader("Access-Control-Allow-Origin", origin)
         			// 允许所有请求方式
         			.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE")
+					// 允许的header参数
+					.setHeader("Access-Control-Allow-Headers", "x-requested-with,satoken")
         			// 有效时间
         			.setHeader("Access-Control-Max-Age", "3600")
-        			// 允许的header参数
-        			.setHeader("Access-Control-Allow-Headers", "x-requested-with,satoken");
+					;
         			
         			// 如果是预检请求，则立即返回到前端 
         			SaRouter.match(SaHttpMethod.OPTIONS)
diff --git a/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-header-server/src/main/java/com/pj/test/SaTokenConfigure.java b/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-header-server/src/main/java/com/pj/test/SaTokenConfigure.java
index 36176ebf..250ee597 100644
--- a/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-header-server/src/main/java/com/pj/test/SaTokenConfigure.java
+++ b/sa-token-demo/sa-token-demo-cross/sa-token-demo-cross-header-server/src/main/java/com/pj/test/SaTokenConfigure.java
@@ -52,10 +52,11 @@ public class SaTokenConfigure implements WebMvcConfigurer {
         			.setHeader("Access-Control-Allow-Origin", "*")
         			// 允许所有请求方式
         			.setHeader("Access-Control-Allow-Methods", "*")
-        			// 有效时间
-        			.setHeader("Access-Control-Max-Age", "3600")
         			// 允许的header参数
-        			.setHeader("Access-Control-Allow-Headers", "*");
+        			.setHeader("Access-Control-Allow-Headers", "*")
+					// 有效时间
+        			.setHeader("Access-Control-Max-Age", "3600")
+					;
         			
         			// 如果是预检请求，则立即返回到前端 
         			SaRouter.match(SaHttpMethod.OPTIONS)
diff --git a/sa-token-doc/fun/cors-filter.md b/sa-token-doc/fun/cors-filter.md
index cf0b1478..4f158623 100644
--- a/sa-token-doc/fun/cors-filter.md
+++ b/sa-token-doc/fun/cors-filter.md
@@ -1,3 +1,5 @@
 # 解决跨域问题 
 
-参考：[https://blog.csdn.net/shengzhang_/article/details/119928794](https://blog.csdn.net/shengzhang_/article/details/119928794)
+<!-- 参考：[https://blog.csdn.net/shengzhang_/article/details/119928794](https://blog.csdn.net/shengzhang_/article/details/119928794) -->
+
+ 参考：[https://juejin.cn/post/7247376558367981627](https://juejin.cn/post/7247376558367981627)
diff --git a/sa-token-doc/more/common-questions.md b/sa-token-doc/more/common-questions.md
index 1189b16c..6bc287ae 100644
--- a/sa-token-doc/more/common-questions.md
+++ b/sa-token-doc/more/common-questions.md
@@ -350,7 +350,7 @@ String name = StpUtil.getSession().getString("name");
 
 
 ### Q：我加了 Sa-Token 的全局过滤器，浏览器报错跨域了怎么办？
-参考：[https://blog.csdn.net/shengzhang_/article/details/119928794](https://blog.csdn.net/shengzhang_/article/details/119928794)
+参考：[https://juejin.cn/post/7247376558367981627](https://juejin.cn/post/7247376558367981627)
 
 
 ### Q：前后端分离项目中，前端使用 vue，如果不打开 porxy 代理的话，调用 Sa-Token 登录不会将 token 自动注入到 Cookie 中，是因为跨域么？