Open progval opened 4 years ago
Thanks for the report, @ProgVal! Can you point to a source that explains why this endpoint should return a 400
instead of a 405
? That'll help us triage this.
Either way, this will need to be fixed in the writeas/go-webfinger repo.
From [RFC 2616]https://tools.ietf.org/html/rfc2616#section-9.4):
9.4 HEAD
The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request. This method can be used for obtaining metainformation about the entity implied by the request without transferring the entity-body itself. This method is often used for testing hypertext links for validity, accessibility, and recent modification.
My motivation for using HEAD on this endpoint is I want to check cheaply whether a domain name supports WebFinger.
Got it, thank you! We'll get this fixed then -- transferring it to the correct repo.
Thanks!
Describe the bug
HEAD requests to
/.well-known/webfinger
return "405 Method Not Allowed", instead of returning 400 (like GET)Steps to reproduce (if necessary)
Expected behavior
error 400 should be returned on HEAD requests
Application configuration
Version or last commit: v0.12.0