DEVHIDE
Login Or Sign up

an unexpected request with sec-fetch-mode: none, who triggered it?

232 Views Asked by At

I send a request ONLY ONCE in the browser but got 2 requests logged in the server. One of them is not expected and I wonder which mechanism triggered it.

The details

  1. Only under Chrome (see the HTTP header for version). Safari does not trigger it.
  2. Both of the logged requests are GET requests ( not a preflight I guess )

The differences are in the headers as below shows

enter image description here

The left one is what I'm expecting, as you can see my custom header 'abc'='123' there. The right one I don't really get where is it come from.

I checked 'Sec-fetch-site': 'none' saying that it's a user operation triggered request. But what I do is simply refreshing the browser. And as you can see from 'Referer' header on the left, what I refresh is "localhost:3111/lp/..." not "/sources.list"

The complete headers (don't read, just FYI)

First (expected)

[
  [ 'Host', 'localhost:3111' ],
  [ 'Connection', 'keep-alive' ],
  [
    'sec-ch-ua',
    '"Chromium";v="112", "Google Chrome";v="112", "Not:A-Brand";v="99"'
  ],
  [ 'abc', '123' ],
  [ 'content-type', 'application/json' ],
  [ 'sec-ch-ua-mobile', '?0' ],
  [
    'User-Agent',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36'
  ],
  [ 'sec-ch-ua-platform', '"macOS"' ],
  [ 'Accept', '*/*' ],
  [ 'Sec-Fetch-Site', 'same-origin' ],
  [ 'Sec-Fetch-Mode', 'cors' ],
  [ 'Sec-Fetch-Dest', 'empty' ],
  [
    'Referer',
    'http://localhost:3111/lp/44104bf9-c011-4b76-9b28-81416711e827'
  ],
  [ 'Accept-Encoding', 'gzip, deflate, br' ],
  [ 'Accept-Language', 'zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7' ],
  [
    'Cookie',
    'sessions=%7B%7D; lastSignedIn=emailMagicLink; Idea-2c8ec7e9=7040e8cb-a902-4428-aa83-ee204ad56626; _xsrf=2|25b6023f|81dc3651ce8f50fb7837c48818d2a02a|1677900074; express_sid=s%3AqccgB6sOcy5YBP_MxUDbknYuUGkm8fH3.OFKlxJBixG8AVlmVhdwcoaxnb1W0ibR4N%2BHBRWreFEM; token=t.RmzJJ4wvn8AGgzk6kszg; prefsHttp={%22chatAlwaysVisible%22:true}'
  ]
]

The second (NOT expected)

 [
  [ 'Host', 'localhost:3111' ],
  [ 'Connection', 'keep-alive' ],
  [
    'sec-ch-ua',
    '"Chromium";v="112", "Google Chrome";v="112", "Not:A-Brand";v="99"'
  ],
  [ 'sec-ch-ua-mobile', '?0' ],
  [
    'User-Agent',
    'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36'
  ],
  [ 'sec-ch-ua-platform', '"macOS"' ],
  [ 'Accept', '*/*' ],
  [ 'Sec-Fetch-Site', 'none' ],
  [ 'Sec-Fetch-Mode', 'cors' ],
  [ 'Sec-Fetch-Dest', 'empty' ],
  [ 'Accept-Encoding', 'gzip, deflate, br' ],
  [ 'Accept-Language', 'zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7' ],
  [
    'Cookie',
    'sessions=%7B%7D; lastSignedIn=emailMagicLink; Idea-2c8ec7e9=7040e8cb-a902-4428-aa83-ee204ad56626; _xsrf=2|25b6023f|81dc3651ce8f50fb7837c48818d2a02a|1677900074; express_sid=s%3AqccgB6sOcy5YBP_MxUDbknYuUGkm8fH3.OFKlxJBixG8AVlmVhdwcoaxnb1W0ibR4N%2BHBRWreFEM; token=t.RmzJJ4wvn8AGgzk6kszg; prefsHttp={%22chatAlwaysVisible%22:true}'
  ]
]
google-chrome sec-fetch-site sec-fetch-mode
Original Q&A
0

There are 0 best solutions below

Related Questions in GOOGLE-CHROME

Related Questions in SEC-FETCH-SITE

Related Questions in SEC-FETCH-MODE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs

Popular Questions

.

Copyright © 2021 Jogjafile Inc.