Browser-based HTTP normal request and Ajax request

Initiates an HTTP request that can be initiated through a browser or through a program. Through the program to initiate HTTP requests (such as Java httpurlconnection), as long as the HTTP layer of things can be forged, of course, most of the forged header field. In the browser to initiate the HTTP request (including AJAX requests), some common header fields (such as:Referer,user-agent, etc. ) are the browser to help us set up, In the Web page generally we can not directly to reset their. However, there are some ways to reset these header fields indirectly, I understand the following two ways:

1. Use the Chrom browser as an example to filter the destination URLs via the Chrom plugin and then reset the header for HTTP requests to access those URLs. Reference plugin: Https://github.com/chenyoufu/modify-http-headers

2. Reset the header field of the original request via proxy software fiddler

Browser-based HTTP requests are divided into ordinary requests and AJAX requests, which are performed synchronously, and AJAX requests can be synchronous or asynchronous (default async). When these two requests arrive at the service end, we can differentiate them by x-requested-with this header field. If it is an ordinary request without this header, take it to null. If it is an AJAX request, fetch the XMLHttpRequest.

Because the AJAX Request header field is can be set, we can reset the header, disguised as a normal request. The answer is that it can't be completely reset. If we set the X-requested-with field ourselves, the browser will go back and set the value again. Chrom and IE's practice is to append directly, that is, the result of the service-side printing is: custom values, XMLHttpRequest. And Firefox is directly printing: XMLHttpRequest.

In addition, if we set the Referer in the AJAX request, the header is not effective, the browser will directly overwrite the value you set.

--------------------------------------------------------------------------------------------------------------- --------------------------------------

In a very complex AJAX application, if a session has timed out, but at this time through the AJAX request, then the Ajax return is a landing page of HTML, then this is miserable, the page is messy, then, can be in the Java side, If the interceptor to determine whether the client's request is an AJAX request, after query, can.
The ordinary request is not the same as the message header of the AJAX request, by the following

Java code String RequestType = Request.getheader ("X-requested-with");
If RequestType can get the value and the value is XMLHttpRequest, indicating that the client's request is an asynchronous request, it is naturally an AJAX request, and conversely if NULL, it is a normal request

--------------------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------

the difference between an AJAX request and a normal HTTP request

The essence of both:

Ajax XMLHttpRequest like requesting the server server to accept requests to return data for refresh interaction

Normal HTTP request-to-HttpRequest like a request server accepting a request to return data requires a page refresh

Ajax requests

General request

The AJAX request header will have one more X-requested-with parameter and a value of XMLHttpRequest

String RequestType = Request.getheader ("X-requested-with");  

Take this as the basis for judging