SAPUI5应用在发送OData批量请求前会通过如下_createBatchRequest方法构造批量请求对象:varoBatchRequest=that._createBatchRequest(aReadRequests);request对象的data字段包含了batch的具体payload:Invoices?$skip=0&$top=100&$orderby=ShipperName%20ascInvoices/$count请求头字段Accept是multipart/mixed:然后传oWrappedBatchRequestHandle.oRequestHandle=那个。_submitBatchRequest(oBatchRequest,aBatchGroup,fnSuccess,fnError)方法提交。tokenhandlingflag为true,方法不是POST,所以在执行批量操作之前,必须先获取CSRFtoken:进入函数refreshSecurityToken。构造发起token请求的request对象:url为:https://services.odata.org/V2...先尝试head请求,如果报错,再切换到get请求://初始尝试方法“HEAD”,错误处理程序回落到“GET”,除非标志禁止HEAD请求}else{mTokenRequest.request=requestToken("HEAD",handleHeadError);}HTTP请求requesttoken的content-type设置逻辑与标志位bJson相关:requestobject:最重要的头域x-csrf-token,取值填写为fetch:functionrequestToken(sRequestType,fnError){//触发读取服务url以获取令牌oRequest=that._createRequest(sUrl,"",sRequestType,that._getHeaders(undefined,true),null,null,!!bAsync);oRequest.headers["x-csrf-token"]="获取";returnthat._request(oRequest,handleSuccess,fnError,undefined,undefined,that.getServiceMetadata());}执行完head请求后,响应状态码为200,但responseText字段值为空仍然进入成功回调:使用handler读取token请求的响应,该handler支持的content-type类型:application/atomsvc??+xml;q=0.8,application/json;odata=fullmetadata;q=0.7,application/json;q=0.5,/;q=0.1这里由于response.body为空,dispatchHandler的处理逻辑不能被进入:然后进入refreshToken的回调:当然获取不到token:进入else分支:清除所有相关的token标志:ODataModel.prototype.resetSecurityToken=function(){deletethis.oSharedServiceData.securityToken;删除this.oHeaders["x-csrf-token"];删除this.pSecurityToken;};resolveanemptytokentocallback:thisheadrequest响应码为200,但是响应头没有附加csrftoken:更多Jerry的原创文章在这里:《汪子熙》:
