Usage of HTTP 501 vs 405 for missing methods.

[evert]

Original author: evert...@gmail.com (February 23, 2010 08:19:47)

Basically, the rule is:

HTTP 501 for methods we don't recognize
HTTP 405 for methods we don't recognize for one particular resource.

We are using 501 in a couple of places where 405 is more appropriate

• Locks_Plugin (resource does not support locks)
• GET/HEAD on Collection resource

The problem with using 405 for this instead, is the following clause:

The response MUST include an
Allow header containing a list of valid methods for the requested
resource.

This constraint has actually been violated in 6 other instances (just do a
grep).

Original issue: http://code.google.com/p/sabredav/issues/detail?id=20

[evert]

From evert...@gmail.com on April 23, 2010 12:09:57:
Fixed on mercurial.

[ORESoftware]

maybe? https://medium.com/@the1mills/use-http-501-not-404-for-your-final-api-handler-94ff2994e928

[evert]

You found a 10 year old ticket =)

501 is a nice indicator that a developer just hasn't done something, but unfortunately it's also technically incorrect: https://evertpot.com/http/501-not-implemented