When the front end requests the server information through POST, we will find two requests, one Request Request Method is Options, the other Request Reuest Method is POST.
After reading some information on the Internet, I found that it relates to three basic concepts
- Http Options Method
In short, the OPTIONS request method has two main uses:
- Get HTTP request methods supported by the server;
- Used to check server performance.
- CORS(Cross-domain Resource Sharing)
CORS is a technical specification for Web browsers that defines a way for Web servers to allow Web pages to access their resources from different domains. Such access is prohibited by the same origin policy. The CORS system defines a way for the browser and server to interact to determine whether cross-domain requests are allowed.
- The front end
The client initiates Ajax requests using XmlHttpRequest. Currently, most browsers support CORS, and mainstream browsers support cross-domain resource sharing.
- The server side
If no configuration is performed on the server, the front-end will receive CORS Access Deny after the Ajax request is initiated, that is, cross-domain Access is denied.
- But are known preflrequests
Preflighted Requests is a transparent server validation mechanism in CORS. A precheck request first sends an HTTP OPTIONS header to a resource in another domain name to determine if the actual request is secure.
The following two situations require prechecking:
- Simple requests, such as POST requests with content-type application/ XML or text/ XML;
- Set custom headers, such as X-JSON, X-MengXIanhui, etc.