Http Post请求被强制转换为Http Get请求
今天在开发一个服务的时候,发现用postman造的post请求,到了服务端变成了get请求。觉得很奇怪。于是打开wireshark抓包。
发现通信流程如下
1、post请求发起之后,服务端返回了302
2、客户端收到302之后,通过https向服务端发起了新的请求。 (wireshark抓包filter配置为:port 443 and host yourhost.com)
于是怀疑是客户端在处理302时,自动重新发起了get请求。
找了一下果然如此。
Note: RFC 1945 and RFC 2068 specify that the client is not allowed to change the method on the redirected request. However, most existing user agent implementations treat 302 as if it were a 303 response, performing a GET on the Location field-value regardless of the original request method. The status codes 303 and 307 have been added for servers that wish to make unambiguously clear which kind of reaction is expected of the client.
大多数http客户端(包括浏览器)会将引起302的原有的post请求转化为get请求发出去(其实这是将302当做303来处理)。
于是,将http换成https,问题解决。
至于为啥会将302当做303来处理,据说这是很多老服务器的期望行为。所以一切都是为了兼容。
