diff --git a/bonus-gateway/src/main/java/com/bonus/gateway/config/CorsConfig.java b/bonus-gateway/src/main/java/com/bonus/gateway/config/CorsConfig.java
new file mode 100644
index 0000000..e1537d7
--- /dev/null
+++ b/bonus-gateway/src/main/java/com/bonus/gateway/config/CorsConfig.java
@@ -0,0 +1,30 @@
+package com.bonus.gateway.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.reactive.CorsWebFilter;
+import org.springframework.web.cors.reactive.UrlBasedCorsConfigurationSource;
+import org.springframework.web.util.pattern.PathPatternParser;
+
+import java.util.Collections;
+
+/**
+ * @author 黑子
+ */
+@Configuration
+public class CorsConfig {
+    @Bean
+    // CorsWebFilter 是 Spring Framework 中
+    // 用于处理跨源资源共享（CORS, Cross-Origin Resource Sharing）的过滤器
+    public CorsWebFilter corsFilter() { //网关过滤器，写法基本是固定的
+        CorsConfiguration config = new CorsConfiguration();
+        config.setAllowCredentials(true);
+        config.setAllowedOrigins(Collections.singletonList("*"));
+        config.setAllowedMethods(Collections.singletonList("*")); // 允许所有方法，也可以指定如GET, POST等具体方法
+        config.setAllowedHeaders(Collections.singletonList("*")); // 允许所有头信息，也可以指定具体头信息
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config); // 对所有路径应用此CORS配置
+        return new CorsWebFilter(source);
+    }
+}
\ No newline at end of file