diff --git a/src/main/java/com/ftm/server/infrastructure/security/SecurityConfig.java b/src/main/java/com/ftm/server/infrastructure/security/SecurityConfig.java
index b68f964..4759dbd 100644
--- a/src/main/java/com/ftm/server/infrastructure/security/SecurityConfig.java
+++ b/src/main/java/com/ftm/server/infrastructure/security/SecurityConfig.java
@@ -37,6 +37,7 @@ public class SecurityConfig {
                     HttpMethod.PUT,
                     HttpMethod.PATCH,
                     HttpMethod.DELETE,
+                    HttpMethod.OPTIONS,
                     HttpMethod.HEAD);
 
     // CORS 에서 허용할 도메인 목록
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
index b4384e8..56b3465 100644
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -13,4 +13,5 @@ server:
       cookie:
         name: SESSION
         same-site: none
-        secure: true
\ No newline at end of file
+        secure: true
+        domain: .fittheman.site
\ No newline at end of file