The header request and token are set when the options request is made, but it cannot be received in the background. Why?

looked at the information on the Internet and said that it was because the OPTIONS request could not carry a custom header request. Is this true?

error message

Failed to load http://192.168.1.107:8066/talk/queryList: Response to preflight request 
doesn"t pass access control check: No "Access-Control-Allow-Origin" header is present on 
the requested resource. Origin "http://192.168.1.107:8080" is therefore not allowed access.

searched the Internet and said that generally cross-domain requests will be made twice, but why do I only have one request?

OPTIONS200

the foreground axios sets, remove token to facilitate testing, and only remove every time the page is refreshed

const axios = Axios.create({
  // baseURL: "http://localhost:8066",
  baseURL: "http://192.168.1.107:8066",
  withCredentials:true,
  timeout: 5000,
  // headers: {"X-Custom-Header": "foobar"}
})

Cookies.remove("token");

axios.interceptors.request.use(
  config => {
    // tokentoken
    const token = Cookies.get("token");
    console.log(token)
    if (token) {
      // tokenheadersheaderkeyAuthorizationkey
      config.headers.token = token;
    }
    return config
  },
  error => {
    return Promise.reject(error)
  });

export default axios

background java settings

@Configuration
public class CorsConfig implements WebMvcConfigurer {
    @Override
    public void addCorsMappings(CorsRegistry registry) {
        //
        registry.addMapping("/**")
                //
                .allowedOrigins("*")
                // 
                .allowCredentials(true)
                //
                .allowedMethods("*")
                //
                .maxAge(3600);
    }

    @Override
    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
        argumentResolvers.add(new LoginUserInfoMethodArgumentResolver());
    }
}



 public class LoginUserInfoMethodArgumentResolver implements HandlerMethodArgumentResolver {

    @Override
    public Object resolveArgument(MethodParameter arg0, ModelAndViewContainer arg1, NativeWebRequest arg2,
                                  WebDataBinderFactory arg3) throws Exception {
        return UserUtil.getUser();
    }

    @Override
    public boolean supportsParameter(MethodParameter arg0) {
        return arg0.getParameterType().equals(User.class);
    }

}  



@Configuration
@WebFilter(filterName = "myFilter", urlPatterns = "/*")
public class MyFilter implements Filter {
    @Override
    public void init(FilterConfig arg0) throws ServletException {
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;

        String cookieToken = CookieUtils.getCookie(req, "token");

        String headerToken = req.getHeader("token");
        System.out.println("headerToken27:" + headerToken);
        if (TokenUtils.notCorrect(headerToken) && !req.getRequestURI().contains("login")) {
            return;
        }
        chain.doFilter(request, response);
    }

    @Override
    public void destroy() {
    }
}

the request can enter the background, but String headerToken = req.getHeader ("token"); it is null