我在 Spring boot 中有一些關(guān)于 Pre-flight Filter 的代碼，但我不知道這段代碼的用途：@Component// We want to put this in front of SpringSessionFilter@Order(Ordered.HIGHEST_PRECEDENCE)public class RequestFilter {    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {        HttpServletRequest request = (HttpServletRequest) req;        HttpServletResponse response = (HttpServletResponse) res;        response.setHeader("Access-Control-Allow-Origin", "*");        response.setHeader("Access-control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");        response.setHeader("Access-Control-Allow-Headers", "x-requested-with, x-auth-token");        response.setHeader("Access-Control-Max-Age", "3600");        response.setHeader("Access-Control-Allow-Credentials", "true");        if(!(request.getMethod().equalsIgnoreCase("OPTIONS"))) {            try {                chain.doFilter(req, res);            } catch (Exception e) {                e.printStackTrace();            }        } else {            System.out.println("Pre-fight");            response.setHeader("Access-Control-Allowed-Methods", "POST, GET, DELETE");            response.setHeader("Access-Control-Max-Age", "3600");            response.setHeader("Access-Control-Allow-Headers", "authorization, content-type, x-auth-token, " +                    "access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");            response.setStatus(HttpServletResponse.SC_OK);        }    }    public void init(FilterConfig filterConfig) {}    public void destroy() {}}這是這個(gè)文件的解釋：所以當(dāng) Angular 2 發(fā)送一個(gè) http post ajax 調(diào)用時(shí)，它會(huì)首先發(fā)送一個(gè)飛行前的方法類型不是“POST”而是“OPTIONS”。如果這個(gè)預(yù)檢有一個(gè)有效的響應(yīng)，那么它將開(kāi)始發(fā)送真正的 http post。這是為了防止跨站攻擊。在后端，spring 對(duì)此沒(méi)有開(kāi)箱即用的處理。所以我們需要檢查 http 方法是否是預(yù)檢。如果是，我們將只用有效的標(biāo)頭和信息進(jìn)行響應(yīng)。如果沒(méi)有，我們將繼續(xù)過(guò)濾器鏈。但是看不懂源碼。任何人都可以為我解釋嗎？