diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/CorsAutoConfiguration.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/CorsAutoConfiguration.java
new file mode 100644
index 000000000..b0cdae520
--- /dev/null
+++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/CorsAutoConfiguration.java
@@ -0,0 +1,33 @@
+package org.hswebframework.web.authorization.basic.configuration;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+/**
+ * 跨域设置
+ *
+ * @author zhouhao
+ * @since 1.0
+ */
+@Configuration
+@ConditionalOnProperty(prefix = "hsweb.web.cors", name = "enabled", havingValue = "true")
+public class CorsAutoConfiguration {
+
+    @ConfigurationProperties(prefix = "hsweb.web.cors")
+    @Bean
+    public CorsConfiguration corsConfiguration() {
+        return new CorsConfiguration();
+    }
+
+    @Bean
+    public CorsFilter corsFilter(CorsConfiguration corsConfiguration) {
+        UrlBasedCorsConfigurationSource corsConfigurationSource = new UrlBasedCorsConfigurationSource();
+        corsConfigurationSource.registerCorsConfiguration("/**", corsConfiguration);
+        return new CorsFilter(corsConfigurationSource);
+    }
+}