我在 Spring boot 中有一些关于 Pre-flight Filter 的代码，但我不知道这段代码的用途：@Component// We want to put this in front of SpringSessionFilter@Order(Ordered.HIGHEST_PRECEDENCE)public class RequestFilter {    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) {        HttpServletRequest request = (HttpServletRequest) req;        HttpServletResponse response = (HttpServletResponse) res;        response.setHeader("Access-Control-Allow-Origin", "*");        response.setHeader("Access-control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");        response.setHeader("Access-Control-Allow-Headers", "x-requested-with, x-auth-token");        response.setHeader("Access-Control-Max-Age", "3600");        response.setHeader("Access-Control-Allow-Credentials", "true");        if(!(request.getMethod().equalsIgnoreCase("OPTIONS"))) {            try {                chain.doFilter(req, res);            } catch (Exception e) {                e.printStackTrace();            }        } else {            System.out.println("Pre-fight");            response.setHeader("Access-Control-Allowed-Methods", "POST, GET, DELETE");            response.setHeader("Access-Control-Max-Age", "3600");            response.setHeader("Access-Control-Allow-Headers", "authorization, content-type, x-auth-token, " +                    "access-control-request-headers,access-control-request-method,accept,origin,authorization,x-requested-with");            response.setStatus(HttpServletResponse.SC_OK);        }    }    public void init(FilterConfig filterConfig) {}    public void destroy() {}}这是这个文件的解释：所以当 Angular 2 发送一个 http post ajax 调用时，它会首先发送一个飞行前的方法类型不是“POST”而是“OPTIONS”。如果这个预检有一个有效的响应，那么它将开始发送真正的 http post。这是为了防止跨站攻击。在后端，spring 对此没有开箱即用的处理。所以我们需要检查 http 方法是否是预检。如果是，我们将只用有效的标头和信息进行响应。如果没有，我们将继续过滤器链。但是看不懂源码。任何人都可以为我解释吗？