diff --git a/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java b/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
index 582dac7..8332001 100644
--- a/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
+++ b/src/main/java/com/oronaminc/join/member/security/SecurityConfig.java
@@ -2,6 +2,8 @@
 
 import static org.springframework.security.config.Customizer.*;
 
+import java.util.List;
+
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
@@ -9,6 +11,9 @@
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 import lombok.RequiredArgsConstructor;
 
@@ -23,7 +28,7 @@ public class SecurityConfig {
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         return http
                 .csrf(csrf -> csrf.disable())
-                .cors(cors -> cors.disable())
+                .cors(cors -> cors.configurationSource(corsConfigurationSource()))
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers(
                                 "/api/auth/guest",
@@ -51,4 +56,17 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 .logout(withDefaults())
                 .build();
     }
+
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration configuration = new CorsConfiguration();
+        configuration.setAllowCredentials(true);
+        configuration.setAllowedOriginPatterns(List.of("*"));
+        configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+        configuration.setAllowedHeaders(List.of("*"));
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", configuration);
+        return source;
+    }
 }
diff --git a/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java b/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java
index 2b5b78a..9910dae 100644
--- a/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java
+++ b/src/main/java/com/oronaminc/join/websocket/handshake/CustomHandshakeHandler.java
@@ -58,5 +58,4 @@ protected Principal determineUser(ServerHttpRequest request, WebSocketHandler ws
         // fallback 경로로 전송
         return null;
     }
-
 }