diff --git a/application/common.php b/application/common.php
index fa160030b771c163ecb4ac2a6e3fc262b875d459..e63f1bef6e24ba6de5bb512c3ed7477ae40839af 100755
--- a/application/common.php
+++ b/application/common.php
@@ -432,7 +432,8 @@ if (!function_exists('check_cors_request')) {
                 header("Access-Control-Allow-Origin: " . $_SERVER['HTTP_ORIGIN']);
             } else {
                 header('HTTP/1.1 403 Forbidden');
-                exit;
+                $response = Response::create('', 'json', 403);
+                throw new HttpResponseException($response);
             }
 
             header('Access-Control-Allow-Credentials: true');
@@ -445,7 +446,8 @@ if (!function_exists('check_cors_request')) {
                 if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
                     header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
                 }
-                exit;
+                $response = Response::create('', 'json');
+                throw new HttpResponseException($response);
             }
         }
     }