diff --git a/application/api/behavior/ApiAuth.php b/application/api/behavior/ApiAuth.php
index 87ae4da..72ddc46 100644
--- a/application/api/behavior/ApiAuth.php
+++ b/application/api/behavior/ApiAuth.php
@@ -21,6 +21,7 @@ class ApiAuth {
      */
     private $request;
     private $apiInfo;
+    private $header;
 
     /**
      * 默认行为函数
@@ -32,6 +33,7 @@ class ApiAuth {
     public function run() {
         $this->request = Request::instance();
         $hash = $this->request->routeInfo();
+        $this->header = config('apiAdmin.CROSS_DOMAIN');
         if (isset($hash['rule'][1])) {
             $hash = $hash['rule'][1];
 
@@ -44,7 +46,7 @@ class ApiAuth {
                     $this->apiInfo = $apiInfo->toArray();
                     Cache::set('ApiInfo:' . $hash, $this->apiInfo);
                 } else {
-                    return json(['code' => ReturnCode::DB_READ_ERROR, 'msg' => '获取接口配置数据失败', 'data' => []]);
+                    return json(['code' => ReturnCode::DB_READ_ERROR, 'msg' => '获取接口配置数据失败', 'data' => []], 200, $this->header);
                 }
             }
 
@@ -75,11 +77,11 @@ class ApiAuth {
     private function checkAccessToken() {
         $access_token = $this->request->header('access-token');
         if (!isset($access_token) || !$access_token) {
-            return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => '缺少参数access-token', 'data' => []]);
+            return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => '缺少参数access-token', 'data' => []], 200, $this->header);
         } else {
             $appInfo = cache('AccessToken:' . $access_token);
             if (!$appInfo) {
-                return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => 'access-token已过期', 'data' => []]);
+                return json(['code' => ReturnCode::ACCESS_TOKEN_TIMEOUT, 'msg' => 'access-token已过期', 'data' => []], 200, $this->header);
             }
             ApiLog::setAppInfo($appInfo);
         }
@@ -91,10 +93,10 @@ class ApiAuth {
     private function checkVersion() {
         $version = $this->request->header('version');
         if (!isset($version) || !$version) {
-            return json(['code' => ReturnCode::EMPTY_PARAMS, 'msg' => '缺少参数version', 'data' => []]);
+            return json(['code' => ReturnCode::EMPTY_PARAMS, 'msg' => '缺少参数version', 'data' => []], 200, $this->header);
         } else {
             if ($version != config('apiAdmin.APP_VERSION')) {
-                return json(['code' => ReturnCode::VERSION_INVALID, 'msg' => 'API版本不匹配', 'data' => []]);
+                return json(['code' => ReturnCode::VERSION_INVALID, 'msg' => 'API版本不匹配', 'data' => []], 200, $this->header);
             }
         }
     }
@@ -107,13 +109,13 @@ class ApiAuth {
         $userToken = $this->request->header('user-token', '');
         if ($this->apiInfo['needLogin']) {
             if (!$userToken) {
-                return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少user-token', 'data' => []]);
+                return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => '缺少user-token', 'data' => []], 200, $this->header);
             }
         }
         if ($userToken) {
             $userInfo = cache('wx:openId:' . $userToken);
             if (!is_array($userInfo) || !isset($userInfo['openId'])) {
-                return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => 'user-token不匹配', 'data' => []]);
+                return json(['code' => ReturnCode::AUTH_ERROR, 'msg' => 'user-token不匹配', 'data' => []], 200, $this->header);
             }
             ApiLog::setUserInfo($userInfo);
         }
diff --git a/application/api/behavior/ApiPermission.php b/application/api/behavior/ApiPermission.php
index 826b939..f64c7a4 100644
--- a/application/api/behavior/ApiPermission.php
+++ b/application/api/behavior/ApiPermission.php
@@ -25,6 +25,7 @@ class ApiPermission {
      */
     public function run() {
         $this->request = Request::instance();
+        $header = config('apiAdmin.CROSS_DOMAIN');
         $hash = $this->request->routeInfo();
         if (isset($hash['rule'][1])) {
             $hash = $hash['rule'][1];
@@ -33,9 +34,7 @@ class ApiPermission {
                 $appInfo = cache('AccessToken:' . $access_token);
                 $allRules = explode(',', $appInfo['app_api']);
                 if (!in_array($hash, $allRules)) {
-                    $data = ['code' => ReturnCode::INVALID, 'msg' => '非常抱歉，您没有权限这么做！', 'data' => []];
-
-                    return json($data);
+                    return json(['code' => ReturnCode::INVALID, 'msg' => '非常抱歉，您没有权限这么做！', 'data' => []], 200, $header);
                 }
             }
         }
diff --git a/application/api/behavior/RequestFilter.php b/application/api/behavior/RequestFilter.php
index 529832f..c14433c 100644
--- a/application/api/behavior/RequestFilter.php
+++ b/application/api/behavior/RequestFilter.php
@@ -63,7 +63,8 @@ class RequestFilter {
             if ($newRule) {
                 $validate = new Validate($newRule);
                 if (!$validate->check($data)) {
-                    return json(['code' => ReturnCode::PARAM_INVALID, 'msg' => $validate->getError(), 'data' => []]);
+                    $header = config('apiAdmin.CROSS_DOMAIN');
+                    return json(['code' => ReturnCode::PARAM_INVALID, 'msg' => $validate->getError(), 'data' => []], 200, $header);
                 }
             }