环境

  • springboot
  • ajax
  • 谷歌浏览器

我看了网上很多文章,都是说ajax会发送一个预检请求,然后发送的是OPTION的方法,不会携带任何数据,所以需要放行这个预检请求,但是我自己走断点看,他第一个请求都是GET方法,我不知道为什么

我用的是谷歌浏览器来发送请求头的,然后就出现一个非常奇怪的问题,拦截器拿不到请求头,但是控制器可以拿到请求头的数据,我试了很久,然后我换IE浏览器,将他的安全级别设置最低,然后就可以拿到请求头了,神奇的事情发生了,我的谷歌浏览器也可以了

拦截器代码:

@Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type, x-requested-with, X-Custom-Header, Authorization,aaa");
        System.out.println("=====进入prehandle=====");
        System.out.println("方法:"+request.getMethod());
        //System.out.println(request.getMethod().toUpperCase().toString());
        if("OPTIONS".equals(request.getMethod().toUpperCase().toString())){
            return true;
        }

        System.out.println(request.getHeader("aaa"));
        Enumeration er = request.getHeaderNames();//获取请求头的所有name值
        while(er.hasMoreElements()){
            String name	=(String) er.nextElement();
            String value = request.getHeader(name);
            System.out.println(name+":"+value);
        }
        //System.out.println("bb");
        //System.out.println(request.getMethod());
        if (HttpMethod.OPTIONS.toString().equals(request.getMethod())){
            return true;
        }

        //拿到token
        //String authHeader = request.getHeader("aaa");
//        System.out.println(request.getHeaders("aa"));
//        Enumeration<String> headerNames = request.getHeaderNames();
//        while (headerNames.hasMoreElements()) {
//                         String name = headerNames.nextElement();
//                         //根据名称获取请求头的值
//                         String value = request.getHeader(name);
//                         System.out.println(name+"---"+value);
//                     }
        //if (authHeader==null){
           // response.sendRedirect("/index.html");
            //return false;
        //}
        return true;
    }

谷歌浏览器:

=====进入prehandle=====
方法:GET
null
host:localhost:8089
connection:keep-alive
cache-control:max-age=0
upgrade-insecure-requests:1
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site:none
sec-fetch-mode:navigate
sec-fetch-user:?1
sec-fetch-dest:document
accept-encoding:gzip, deflate, br
accept-language:zh-CN,zh;q=0.9
cookie:USER_COOKIE_KEY=2ee2782d-b90f-4288-8fa0-54e88747c791_889C679E21DD4095A5B17E349C4D2831
===进入afterCompletion===
success
=====进入prehandle=====
方法:POST
45645
host:localhost:8089
connection:keep-alive
content-length:0
accept:*/*
x-requested-with:XMLHttpRequest
authorization:12345
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36
aaa:45645
content-type:application/json;charset=UTF-8
origin:http://localhost:8089
sec-fetch-site:same-origin
sec-fetch-mode:cors
sec-fetch-dest:empty
referer:http://localhost:8089/success.html
accept-encoding:gzip, deflate, br
accept-language:zh-CN,zh;q=0.9
cookie:USER_COOKIE_KEY=2ee2782d-b90f-4288-8fa0-54e88747c791_889C679E21DD4095A5B17E349C4D2831
====进入index2======
45645
===进入afterCompletion===
success

IE浏览器:

=====进入prehandle=====
方法:GET
null
accept:text/html, application/xhtml+xml, image/jxr, */*
accept-language:zh-Hans-CN,zh-Hans;q=0.5
user-agent:Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
accept-encoding:gzip, deflate
host:localhost:8089
connection:Keep-Alive
===进入afterCompletion===
success
=====进入prehandle=====
方法:POST
45645
content-type:application/json;charset=UTF-8
accept:*/*
authorization:12345
aaa:45645
x-requested-with:XMLHttpRequest
referer:http://localhost:8089/success.html
accept-language:zh-Hans-CN,zh-Hans;q=0.5
accept-encoding:gzip, deflate
user-agent:Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
host:localhost:8089
content-length:0
connection:Keep-Alive
cache-control:no-cache
====进入index2======
45645
===进入afterCompletion===
success

这里出现的一个问题就是第一次预检请是GET请求,不理解为什么是GET,网上说的都是OPTION,总之问题就是这样了,有知道的朋友欢迎留言告知

换一个新的浏览器第一次访问,会有4个请求进入拦截器,我现在换了一个火狐浏览器:

=====进入prehandle=====
方法:GET
null
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
connection:keep-alive
upgrade-insecure-requests:1
===进入afterCompletion===
success
=====进入prehandle=====
方法:GET
null
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:image/webp,*/*
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
connection:keep-alive
referer:http://localhost:8089/success.html
===进入afterCompletion===
success
=====进入prehandle=====
方法:POST
45645
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:*/*
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
content-type:application/json;charset=UTF-8
authorization:12345
aaa:45645
x-requested-with:XMLHttpRequest
origin:http://localhost:8089
connection:keep-alive
referer:http://localhost:8089/success.html
content-length:0
====进入index2======
45645
===进入afterCompletion===
success
=====进入prehandle=====
方法:GET
null
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:image/webp,*/*
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
connection:keep-alive
referer:http://localhost:8089/success.html
===进入afterCompletion===
success

然后你再次刷新网页就变成两次进入拦截器了

=====进入prehandle=====
方法:GET
null
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
connection:keep-alive
upgrade-insecure-requests:1
cache-control:max-age=0
===进入afterCompletion===
success
=====进入prehandle=====
方法:POST
45645
host:localhost:8089
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0
accept:*/*
accept-language:zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
accept-encoding:gzip, deflate
content-type:application/json;charset=UTF-8
authorization:12345
aaa:45645
x-requested-with:XMLHttpRequest
origin:http://localhost:8089
connection:keep-alive
referer:http://localhost:8089/success.html
content-length:0
====进入index2======
45645
===进入afterCompletion===
success

说实话这些神奇的操作我还不知道怎么回事,总之我就是用了IE浏览器访问之后,就所有浏览器都OK了

# ajax
Logo
技术共进,成长同行——讯飞AI开发者社区

技术共进,成长同行——讯飞AI开发者社区

更多推荐

cover

【大模型入门教程】一文带你看懂什么是人工智能体(AI_Agent)?零基础小白收藏这一篇就对了!!

avatar 讯飞AI开发者社区
cover

PHP与人工智能:结合案例与可能性探索

avatar 讯飞AI开发者社区

通用人工智能(AGI)发展现状:从科幻到现实的跨越

通用人工智能(AGI)正从科幻走向现实。2025年,多模态融合、递归推理引擎和能效革命三大技术突破推动AGI发展,国际科技巨头和中国企业加速布局。AI Agent在金融、医疗、教育等领域广泛应用,企业自动化效率显著提升。然而,数据隐私、算法透明度和就业替代等伦理挑战亟待解决。未来,AGI将向多模态量子计算融合、具身智能和世界模型方向发展,需要建立人机协作新模式和完善的政策法规框架。AGI既带来机遇

avatar 讯飞AI开发者社区