diff --git a/common/postmanLib.js b/common/postmanLib.js
index 00d94fca5..21055bbd9 100644
--- a/common/postmanLib.js
+++ b/common/postmanLib.js
@@ -244,8 +244,9 @@ function sandboxByBrowser(context = {}, script) {
  * @param {*} preScript 
  * @param {*} afterScript 
  * @param {*} commonContext  负责传递一些业务信息，crossRequest 不关注具体传什么，只负责当中间人
+ * @param {*} commonContext  传导 pre-script 的 Enable 标记，适用于Server
  */
-async function crossRequest(defaultOptions, preScript, afterScript, commonContext = {}) {
+async function crossRequest(defaultOptions, preScript, afterScript, commonContext = {}, scriptEnable = true) {
   let options = Object.assign({}, defaultOptions);
   const taskId = options.taskId || Math.random() + '';
   let urlObj = URL.parse(options.url, true),
@@ -300,12 +301,6 @@ async function crossRequest(defaultOptions, preScript, afterScript, commonContex
     axios: axios
   });
 
-  let scriptEnable = false;
-  try {
-    const yapi = require('../server/yapi');
-    scriptEnable = yapi.WEBCONFIG.scriptEnable === true;
-  } catch (err) {}
-
   if (preScript && scriptEnable) {
     context = await sandbox(context, preScript);
     defaultOptions.url = options.url = URL.format({
diff --git a/server/controllers/open.js b/server/controllers/open.js
index 0a711b676..e1902a998 100644
--- a/server/controllers/open.js
+++ b/server/controllers/open.js
@@ -329,7 +329,7 @@ class openController extends baseController {
         this.getUid(),
         interfaceData.project_id,
         interfaceData.interface_id
-      ));
+      ), yapi.WEBCONFIG.scriptEnable === true);
       let res = data.res;
 
       result = Object.assign(result, {