diff --git a/api/middlewares/cors.go b/api/middlewares/cors.go
index 89471f8..634c1db 100644
--- a/api/middlewares/cors.go
+++ b/api/middlewares/cors.go
@@ -15,8 +15,8 @@ func Cors() gin.HandlerFunc {
 		if origin != "" {
 			c.Header("Access-Control-Allow-Origin", origin)
 			c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
-			c.Header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, appId, sign")
-			c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type, appId, sign")
+			c.Header("Access-Control-Allow-Headers", "appid,sign,Origin, X-Requested-With, Content-Type, Accept")
+			c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
 			c.Header("Access-Control-Allow-Credentials", "false")
 			c.Set("content-type", "application/json")
 		}