diff --git a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
index 15f3420f..24bee602 100644
--- a/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
+++ b/renren-admin/src/main/java/io/renren/modules/security/oauth2/Oauth2Filter.java
@@ -150,7 +150,7 @@ public class Oauth2Filter extends AuthenticatingFilter {
     private void send401Error(HttpServletResponse response, String msg) throws IOException {
         response.setContentType("application/json;charset=utf-8");
         response.setHeader("Access-Control-Allow-Credentials", "true");
-        response.setHeader("Access-Control-Allow-Origin", "*");
+//        response.setHeader("Access-Control-Allow-Origin", "*");
         response.setStatus(HttpStatus.SC_UNAUTHORIZED);
         Result r = new Result().error(HttpStatus.SC_UNAUTHORIZED, msg);