httpbis: Ticket #24: Requiring Allow in 405 responses

Link:  http://trac.tools.ietf.org/wg/httpbis/trac/ticket/24

Origin:  http://www.w3.org/mid/40d68614138753176bae9fbe7a358bc0@gbiv.com

Component: p2-semantics

In RFC 2616, section 10.4.6 405 Method Not Allowed:

The method specified in the Request-Line is not allowed for the resource identified by the Request-URI. The response MUST include an Allow header containing a list of valid methods for the requested resource.

which has the effect of requiring that a server advertise all methods to a resource. In some cases, method implementation is implemented across several (extensible) parts of a server and thus not known. In other cases, it may not be prudent to tell an unauthenticated client all of the methods that might be available to other clients.

Mails

• erratum in RFC 2616: 405 should not require an Allow field in response Roy T. Fielding (fielding@gbiv.com) (2005-06-23)
  • Re: erratum in RFC 2616: 405 should not require an Allow field in response Alex Rousskov (rousskov@measurement-factory.com) (2005-06-23)
    • Re: erratum in RFC 2616: 405 should not require an Allow field in response Roy T. Fielding (fielding@gbiv.com) (2005-06-23)
      • Re: erratum in RFC 2616: 405 should not require an Allow field in response Alex Rousskov (rousskov@measurement-factory.com) (2005-06-24)
    • Re: erratum in RFC 2616: 405 should not require an Allow field in response Yves Lafon (ylafon@w3.org) (2005-06-24)
• PROPOSAL: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-03-17)
  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Stefan Eissing (stefan.eissing@greenbytes.de) (2008-03-17)
    • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-03-17)
    • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-03-17)
      • RE: PROPOSAL: i24 Requiring Allow in 405 Responses Brian Smith (brian@briansmith.org) (2008-03-18)
        • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-03-18)
          • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-18)
        • RE: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-18)
          • Re: PROPOSAL: i24 Requiring Allow in 405 Responses John Kemp (john@jkemp.net) (2008-03-18)
            • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-03-19)
              • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Stefan Eissing (stefan.eissing@greenbytes.de) (2008-03-19)
              • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-03-19)
              • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-19)
                • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-03-20)
                  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses David Morris (dwm@xpasc.com) (2008-03-20)
                  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-20)
                • RE: PROPOSAL: i24 Requiring Allow in 405 Responses Brian Smith (brian@briansmith.org) (2008-03-20)
                  • RE: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-20)
                • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-03-20)
                  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-20)
                    • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-03-25)
                      • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-25)
                    • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-03-25)
                      • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-25)
  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Robert Siemer (Robert.Siemer-httpwg@backsla.sh) (2008-03-17)
  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-03-18)
• Re: PROPOSAL: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-02)
  • Re: PROPOSAL: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-04-02)
    • Updated Proposal: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-04-03)
      • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-06)
        • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-04-06)
          • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Mark Nottingham (mnot@mnot.net) (2008-04-07)
            • Re: Updated Proposal: i24 Requiring Allow in 405 Responses John Kemp (john@jkemp.net) (2008-04-09)
              • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Adrien de Croy (adrien@qbik.com) (2008-04-09)
                • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Adrien de Croy (adrien@qbik.com) (2008-04-09)
              • Re: Updated Proposal: i24 Requiring Allow in 405 Responses David Morris (dwm@xpasc.com) (2008-04-09)
                • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-09)
                • Re: Updated Proposal: i24 Requiring Allow in 405 Responses John Kemp (john@jkemp.net) (2008-04-09)
                  • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-09)
            • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-09)
              • Re: Updated Proposal: i24 Requiring Allow in 405 Responses [240] Julian Reschke (julian.reschke@gmx.de) (2008-04-10)
              • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Henrik Nordstrom (henrik@henriknordstrom.net) (2008-04-10)
                • Re: Updated Proposal: i24 Requiring Allow in 405 Responses Julian Reschke (julian.reschke@gmx.de) (2008-04-10)

Associated Checkins

julian.reschke@gmx.de (Thu, 10 Apr 2008 06:16:48 GMT)

[240]: Resolve #24: relax requirements for contents of Allow header (closes #24).

History

: comment added (Thu, 20 Dec 2007 03:19:09 GMT)

Proposal: Change the MUST to MAY in 10.4.6.

: comment added; version, component, milestone set (Fri, 04 Jan 2008 06:17:45 GMT)

• version set to d00
• component set to semantics
• milestone set to unassigned

: comment added (Mon, 17 Mar 2008 09:56:53 GMT)

Proposal:

• In p2 10.1, change "The actual set of allowed methods is defined by the origin server at the time of each request." to "The actual set of allowed methods is defined by the origin server at the time of each request, and may not necessarily include all (or any) methods that the server would actually allow in a request if presented." (with normal editorial discretion)

• In p2 10.1, remove "However, the indications given by the Allow header field value SHOULD be followed."

: comment added; attachment set (Mon, 17 Mar 2008 12:17:50 GMT)

• attachment set to i24.diff

Proposed change (see http://lists.w3.org/Archives/Public/ietf-http-wg/2008JanMar/0609.html )

: comment added (Fri, 04 Apr 2008 00:19:19 GMT)

Updated proposal: * In the definition of Allow, change:

The Allow entity-header field lists the set of methods supported by the resource identified by the Request-URI.

to

The Allow entity-header field advertises a set of methods as supported by the resource identified by the Request-URI.

* And, remove:

This field cannot prevent a client from trying other methods. However, the indications given by the Allow header field value SHOULD be followed.

: comment added; resolution set; status changed (Thu, 10 Apr 2008 06:16:48 GMT)

• status changed from new to closed.
• resolution set to fixed

Fixed in [240]:

Resolve #24: relax requirements for contents of Allow header (closes #24).

Related Information

Issues List Index