in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug
The HEAD method is identical to GET except that the server MUST NOT
return a message-body in the response. The metainformation contained
in the HTTP headers in response to a HEAD request SHOULD be identical
to the information sent in response to a GET request.
calling request.checkNotModified(lastModified) and returning null. The
former sets the response status to 304
As a consequence of the current implementation, applications which follow that recommendation violate against HTTP. In simple words: I had some fun debugging my application for a missing 304 status code while firing HEAD requests with wget --server-response --spider on it.
I suggest to respect HEAD in the mentioned methods identically to GET.
in: webIssues in web modules (web, webmvc, webflux, websocket)status: backportedAn issue that has been backported to maintenance branchestype: bugA general bug
2 participants
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.
Markus Malkusch opened SPR-11317 and commented
ServletWebRequest.checkNotModified() methods don't treat a HEAD request identically to a GET request (in fact they don't consider HEAD at all).
HTTP says:
Spring's reference documentation suggests to call WebRequest.checkNotModified() to set the status code to 304:
As a consequence of the current implementation, applications which follow that recommendation violate against HTTP. In simple words: I had some fun debugging my application for a missing 304 status code while firing HEAD requests with wget --server-response --spider on it.
I suggest to respect HEAD in the mentioned methods identically to GET.
For test case and fix see #440
Affects: 3.2.6, 4.0 GA
Reference URL: #440
Backported to: 3.2.7
The text was updated successfully, but these errors were encountered: