diff --git a/24Hour/Model/CustomCorsActionFilterAttribute.cs b/24Hour/Model/CustomCorsActionFilterAttribute.cs
index 16e18a1..840f732 100644
--- a/24Hour/Model/CustomCorsActionFilterAttribute.cs
+++ b/24Hour/Model/CustomCorsActionFilterAttribute.cs
@@ -10,6 +10,8 @@ namespace _24Hour.Model
             context.HttpContext.Response.Headers.Add("Access-Control-Allow-Methods", "OPTIONS,POST,GET");
             context.HttpContext.Response.Headers.Add("Access-Control-Allow-Headers", "x-requested-with");
             context.HttpContext.Response.Headers.Add("Access-Control-Allow-Origin", "*");
+            context.HttpContext.Response.Headers.Add("Access-Control-Allow-Credentials", "true");
+            context.HttpContext.Response.Headers.Add("Access-Control-Max-Age", "86400");//缓存一天
         }
 
         public void OnActionExecuted(ActionExecutedContext context)