New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set status to 405 when the method is wrong but route matches #50
Comments
For the Allow header, where GET is allowed, HEAD should be too. That one would be easy forget. |
wfaler mentions both servlets and filters. Servlet is straightforward, but filter is trickier: if we don't find a route, then we call the filter chain, which may or may not support the method. How does the filter know what the servlet supported without a working response.getStatusCode? Do we need to make GetResponseStatusWrapper standard? And what if different methods are supported by different filters in the chain? Do we need to support aggregating allowed methods through the chain? |
Even if we had response.getStatusCode, the servlet would have already committed the 404. There's no good way for a filter to call the chain and then set the 405 only if the chain did nothing useful. Maybe we should have a methodNotAllowed hook. Default implementation sends a 405, but ScalatraFilters are welcome to override and call the chain, just like notFound does. |
Not closed yet due to corner cases:
These free methods from the servlet spec will all need to be kept in mind in SSGI. As Cinderella once sang, "You don't know what you've got, 'til it's gone." Yeah, it's 2:30am, and I'm quoting Cinderella. |
We don't actually call the servlet's default OPTION and TRACE, so those other corner cases don't actually exist yet. |
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.6
Set status to 405
Set Allow header
The text was updated successfully, but these errors were encountered: