-
-
Notifications
You must be signed in to change notification settings - Fork 6.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
transfer: Switch PUT to GET/HEAD on 303 redirect #5248
Conversation
Prior to this change if there was a 303 reply to a PUT request then the subsequent request to respond to that redirect would also be a PUT. It was determined that was most likely incorrect based on the language of the RFCs. Basically 303 means "see other" resource, which implies it is most likely not the same resource, therefore we should not try to PUT to that different resource. Refer to the discussion in curl#5237 for more information. Fixes curl#5237 Closes #xxxx
I'd like to hear the clarification of the HTTP WG before this gets merged. |
I believe this change matches what the spirit of RFC 7231 section 6.4.4 seems to be. I do however think that this change also requires a test to verify it. I could only spot test 1332 when looking for existing tests using 303. |
@michael-o do you have an update? I would like to land this before the release next week. |
@jay I did not inquire anything with the HTTP WG. I expect this either you doing or @PofMagicfingers. I have just expressed my concerns. |
I did send an email to the http-wg mailing list a week ago, but as I'm not a member of their mailing list my message is pending manual processing. I've had no news about it and the question is not yet published : https://lists.w3.org/Archives/Public/ietf-http-wg/2020AprJun/thread.html |
@PofMagicfingers You can also try the GitHub project of them. @reschke, can you help? |
I would recommend to subscribe to the mailing list and re-post. |
@reschke Indeed. Reposted and it worked : Thanks! |
We got an answer : https://lists.w3.org/Archives/Public/ietf-http-wg/2020AprJun/0046.html
|
Thanks |
Prior to this change if there was a 303 reply to a PUT request then
the subsequent request to respond to that redirect would also be a PUT.
It was determined that was most likely incorrect based on the language
of the RFCs. Basically 303 means "see other" resource, which implies it
is most likely not the same resource, therefore we should not try to PUT
to that different resource.
Refer to the discussion in #5237 for more information.
Fixes #5237
Closes #xxxx
In Curl_http it will override the request string to PUT when data->set.upload is true, which is why I decided to fix this issue by setting data->set.upload as false on 303.
curl/lib/http.c
Lines 2070 to 2073 in b81e0b0
/cc @PofMagicfingers @jzakrzewski