本文翻译自:“CAUTION: provisional headers are shown” in Chrome debugger
I noticed a strange caution message when looking at downloaded resources using Google chrome inspector (F12): 使用Google Chrome浏览器(F12)查看下载的资源时,我注意到一条奇怪的警告消息:
Caution provisional headers are shown 显示警告临时标题
I found something possibly relevant, Network Panel: add caution about provisional request headers , but I could not fully understand it. 我发现了一些可能相关的信息,即“ 网络面板”:请增加有关临时请求标头的警告 ,但我无法完全理解它。 Related questions can be found Chrome block requests as well as XMLHttpRequest cannot load. 可以找到相关问题, Chrome阻止请求以及XMLHttpRequest无法加载。 Unloaded resources show caution: Provisional headers are shown . 卸载的资源显示警告:显示临时标头 。
Similar to the first question , my resource was blocked, but later automatically loaded the same resource. 与第一个问题类似,我的资源被阻止,但后来自动加载了相同的资源。 Unlike the second question , I don't want to fix anything; 与第二个问题不同,我不想修复任何问题。 I want to know what this message means and why I received it. 我想知道此消息的含义以及为什么收到它。
参考:https://stackoom.com/question/1QrCl/Chrome调试器中的-警告-显示了临时标题
The resource could be being blocked by an extension (AdBlock in my case). 该资源可能被扩展程序(在我的情况下为AdBlock)阻止。
The message is there because the request to retrieve that resource was never made, so the headers being shown are not the real thing. 出现该消息是因为从未提出过检索该资源的请求,因此显示的标头不是真实的东西。 As explained in the issue you referenced, the real headers are updated when the server responds, but there is no response if the request was blocked. 如您所引用的问题中所述,当服务器响应时,真实头会更新,但如果请求被阻止,则不会响应。
The way I found about the extension that was blocking my resource was through the net-internals tool in Chrome: 我发现阻止扩展程序的扩展的方法是通过Chrome中的net-internals工具:
For Latest Versions of chrome 对于最新版本的chrome
chrome://net-export/
in the address bar and hit enter. 在地址栏中输入chrome://net-export/
,然后按Enter。 For Older Versions of chrome 对于较旧版本的chrome
chrome://net-internals
in the address bar and hit enter. 在地址栏中输入chrome://net-internals
,然后按Enter。 I believe it happens when the actual request is not sent. 我相信当没有发送实际请求时会发生这种情况。 Usually happens when you are loading a cached resource. 通常在加载缓存的资源时发生。
I encountered this issue, and I managed to identify a specific cause, which isn't mentioned above either in answers or the question. 我遇到了这个问题,并且设法找到了一个特定的原因,上面在答案或问题中都没有提到。
I am running a full js stack, angular front end and node back end on SSL, and the API is on a different domain running on port 8081, so I am doing CORS requests and withCredentials as I am dropping a session cookie from the API 我正在SSL上运行完整的js堆栈,前端和节点后端的角度,并且API在端口8081上运行的其他域上,所以我正在执行CORS请求和withCredentials,因为我正在从API中删除会话cookie
So specifically my scenario was: POST request, withCredentials to port 8081 caused the "CAUTION: provisional headers are shown" message in the inspector and also of course blocked the request all together. 因此,具体来说,我的情况是:POST请求,带有到端口8081的凭据导致检查器中出现“警告:显示了临时标头”消息,当然也一起阻止了该请求。
My solution was to set up apache to proxy pass the request from the usual SSL port of 443 to the node SSL port of 8081 (node has to be on a higher port as it cannot be ran as root in prod). 我的解决方案是设置apache,以将请求从通常的SSL端口443传递到节点SSL端口8081(节点必须在更高的端口上,因为它不能作为prod中的root运行)。 So I guess Chrome doesn't like SSL requests to unconventional SSL ports, but perhaps their error message could be more specific. 因此,我认为Chrome浏览器不喜欢对非常规SSL端口的SSL请求,但也许他们的错误消息可能更具体。
This caution message also occurs if the response is invalid and therefore dropped by the browser. 如果响应无效并因此被浏览器删除,也会出现此警告消息。
In my case the request was correctly sent to the server, the server-side code then produced an error and my custom error handling returned the error message in the HTTP status message field. 在我的情况下,请求已正确发送到服务器,然后服务器端代码产生了错误,而我的自定义错误处理在HTTP状态消息字段中返回了错误消息。 But this error was not received on the client side, due to invalid characters in the error message (described here http://aspnetwebstack.codeplex.com/workitem/1386 ) which resulted in corrupt response headers. 但是由于错误消息中的无效字符(此处描述为http://aspnetwebstack.codeplex.com/workitem/1386 ),导致客户端未收到此错误,导致响应头损坏。
I came across this and it went away when I switched from https to http. 我遇到了这个问题,当我从https切换到http时,它消失了。 The SSL certs we use in dev aren't verified by a 3rd party. 我们在开发人员中使用的SSL证书未经第三方的验证。 They're just locally generated dev certs. 它们只是本地生成的开发证书。
The same calls work just fine in Chrome Canary and Firefox. 在Chrome Canary和Firefox中,相同的调用也可以正常工作。 These browsers don't appear to be as strict about the SSL cert as Chrome is. 这些浏览器似乎对SSL证书的要求不如Chrome严格。 The calls would fail in Chrome with the "CAUTION: Provisional headers..." message. 在Chrome中,调用将失败,并显示“警告:临时标头...”消息。
I think/hope that when we use a legit SSL cert in stage and prod, we won't see this behavior in Chrome anymore. 我认为/希望我们在舞台和产品中使用合法的SSL证书时,不会再在Chrome中看到此行为。