Open ehiggs opened 8 years ago
Why not return 405 everywhere?
Well if you try to make a request using GETT
then it's a bad request. If you make a request for TRACE
and iron/staticfile doesn't support it then it's a method which is not allowed. At least, I think so.
Do you think that because the GETT method can't possibly exist? There are a few RFCs out there that define their own methods. Most notably WebDAV and CalDAV with MOVE, COPY, MKCOL, MKCALENDAR, PROPFIND
That's what I meant. I guess 405 does make sense everywhere then. Some servers do return this but it's inconsistent:
$ for url in google.com mozilla.org reddit.com microsoft.com rust-lang.org github.com facebook.com amazon.com; do echo $url '->' $(curl -X GETT -w '%{http_code}' -o /dev/null -s -L $url); done
google.com -> 405
mozilla.org -> 200
reddit.com -> 429
microsoft.com -> 400
rust-lang.org -> 403
github.com -> 403
facebook.com -> 400
amazon.com -> 503
501 NOT IMPLEMENTED might also be a good choice.
If the request is not in {GET, HEAD, PUT, POST, DELETE, TRACE, CONNECT, PATCH} then it should return 400 BAD REQUEST.
If the request is not in {GET, HEAD} then iron can return 405 METHOD NOT ALLOWED.
(On from #54).