diff --git a/fizz-core/src/main/java/we/filter/CorsFilterConfig.java b/fizz-core/src/main/java/we/filter/CorsFilterConfig.java
index 8e64e1d..335b1cb 100644
--- a/fizz-core/src/main/java/we/filter/CorsFilterConfig.java
+++ b/fizz-core/src/main/java/we/filter/CorsFilterConfig.java
@@ -17,6 +17,7 @@
 
 package we.filter;
 
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.Ordered;
@@ -34,6 +35,7 @@ import javax.annotation.Resource;
  * @author hongqiaowei
  */
 
+@ConditionalOnProperty(name = "cors", havingValue = "true", matchIfMissing = true)
 @Configuration
 public class CorsFilterConfig {
 
diff --git a/fizz-core/src/main/java/we/filter/RouteFilter.java b/fizz-core/src/main/java/we/filter/RouteFilter.java
index fe5b88c..400bb5b 100644
--- a/fizz-core/src/main/java/we/filter/RouteFilter.java
+++ b/fizz-core/src/main/java/we/filter/RouteFilter.java
@@ -124,7 +124,9 @@ public class RouteFilter extends FizzWebFilter {
                         String k = h.getKey();
                         if (clientRespHeaders.containsKey(k)) {
                             if (k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN) || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)
-                                    || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) || k.equals(HttpHeaders.ACCESS_CONTROL_MAX_AGE)) {
+                                                                                  || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)
+                                                                                  || k.equals(HttpHeaders.ACCESS_CONTROL_MAX_AGE)
+                                                                                  || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS)) {
                             } else {
                                 clientRespHeaders.put(k, h.getValue());
                             }
diff --git a/fizz-core/src/main/java/we/proxy/CallbackService.java b/fizz-core/src/main/java/we/proxy/CallbackService.java
index c6034fe..76c9174 100644
--- a/fizz-core/src/main/java/we/proxy/CallbackService.java
+++ b/fizz-core/src/main/java/we/proxy/CallbackService.java
@@ -182,7 +182,9 @@ public class CallbackService {
 					String k = h.getKey();
 					if (clientRespHeaders.containsKey(k)) {
 						if (k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_ORIGIN) || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_CREDENTIALS)
-								|| k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS) || k.equals(HttpHeaders.ACCESS_CONTROL_MAX_AGE)) {
+								                                              || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_HEADERS)
+																			  || k.equals(HttpHeaders.ACCESS_CONTROL_MAX_AGE)
+																			  || k.equals(HttpHeaders.ACCESS_CONTROL_ALLOW_METHODS)) {
 						} else {
 							clientRespHeaders.put(k, h.getValue());
 						}