diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py
index e5b382517..a4441711a 100644
--- a/apps/jumpserver/settings/base.py
+++ b/apps/jumpserver/settings/base.py
@@ -127,7 +127,7 @@ LOGIN_REDIRECT_URL = reverse_lazy('index')
 LOGIN_URL = reverse_lazy('authentication:login')
 
 SESSION_COOKIE_DOMAIN = CONFIG.SESSION_COOKIE_DOMAIN
-CSRF_COOKIE_DOMAIN = CONFIG.CSRF_COOKIE_DOMAIN
+CSRF_COOKIE_DOMAIN = CONFIG.SESSION_COOKIE_DOMAIN
 SESSION_COOKIE_AGE = CONFIG.SESSION_COOKIE_AGE
 SESSION_EXPIRE_AT_BROWSER_CLOSE = True
 # 自定义的配置，SESSION_EXPIRE_AT_BROWSER_CLOSE 始终为 True, 下面这个来控制是否强制关闭后过期 cookie