Skip to content
This repository has been archived by the owner. It is now read-only.

API User Details returns 404 instead of 405 #4636

Open
openstreetmap-trac opened this issue Jul 23, 2021 · 3 comments
Open

API User Details returns 404 instead of 405 #4636

openstreetmap-trac opened this issue Jul 23, 2021 · 3 comments

Comments

@openstreetmap-trac
Copy link

@openstreetmap-trac openstreetmap-trac commented Jul 23, 2021

Reporter: andrew[at]scss.com.au
[Submitted to the original trac issue database at 2.39am, Wednesday, 17th October 2012]

When http://api.openstreetmap.org/api/0.6/user/details is accessed using the POST method instead of GET, it returns a 404 error instead of a 405.

Reproducible by using http://web-sniffer.net/ and selecting the POST method and entering the above URL.

@openstreetmap-trac
Copy link
Author

@openstreetmap-trac openstreetmap-trac commented Jul 23, 2021

Author: TomH
[Added to the original trac issue at 3.08pm, Wednesday, 17th October 2012]

This is a "feature" of rails where if you have routes that are qualified by what methods they accept (as all ours are) then when they fail to match they are ignored and you eventually get a 404 because no route matched.

There isn't really anything we can (easily) do about this I'm afraid.

@openstreetmap-trac
Copy link
Author

@openstreetmap-trac openstreetmap-trac commented Jul 23, 2021

Author: andrew[at]scss.com.au
[Added to the original trac issue at 3.36pm, Wednesday, 17th October 2012]

I don't know anything about rails (apart from what I've read in the last five minutes), but then it sounds as though you'd have to add routes for all the methods you don't support and send them to a 405 response? Or is there a default route you could add after all the explicit methods have been matched?

@openstreetmap-trac
Copy link
Author

@openstreetmap-trac openstreetmap-trac commented Jul 23, 2021

Author: TomH
[Added to the original trac issue at 4.15pm, Wednesday, 17th October 2012]

Well you can't have a default route that returns 405 because then it would do so for URLs which really don't exist.

You would have to duplicate each URL with a second "match all" version that returned 405 and that is just not scalable.

This should really be fixed in rails' URL matcher so that it remembers if the URL would have matched except for the method qualification and then returns 405 in that case.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
1 participant