Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HEAD requests must not expect to find a response body schema #575

Closed
equalspeterd opened this issue Aug 30, 2019 · 0 comments · Fixed by #603
Assignees
Labels
bug
Milestone

Comments

@equalspeterd
Copy link

@equalspeterd equalspeterd commented Aug 30, 2019

Describe the bug
When defining HEAD requests, we do not define response bodies on purpose, because HEAD never returns a body. However, in the current response selection logic, HEAD is processed the same as any other request, and when it fails to find any suitable response schema (as it shouldn't), it returns a 406 response (I have attempted to vary the Accept header values requests out of curiosity, but always saw 406 client error responses). NOTE: curl, by default, when not supplied with a specific Accept header, inserts Accept: */*, which is consistent with RFC7231:

A request without any Accept header field implies that 
the user agent will accept any media type in response.

To Reproduce

  1. Given this OpenAPI document (this is a fragment WIP of the ACME protocol defined in RFC8555, which is the APIs used for "Lets Encrypt")
openapi: '3.0.1'
# ...
  /key/new-nonce:
    description: Obtain an initialization nonce for inclusion in subsequent ACME requests
    summary: Key Service Nonce Request
    head:
      summary: getNewNonce
      description: Request a new replay protection nonce
      operationId: getNewNonce
      responses:
        '200':
          headers:
            Replay-Nonce:
              description: The Replay nonce is used for each request to the key service. It may only be used once, after which it is no longer valid. Each key service response will include
              schema:
                type: string
# ... other paths...
  1. Run this CLI command
    curl --head http://localhost:4010/key/new-nonce
  2. See error
[HTTP SERVER] head /key/new-nonce ℹ  info      Request received
[NEGOTIATOR] ℹ  info      Request contains an accept header: application/jose+json, application/problem+json, */*
[VALIDATOR] ✔  success   The request passed the validation rules. Looking for the best response
[NEGOTIATOR] ⚠  warning   Unable to find a content for */*
[HTTP SERVER] head /key/v1/new-nonce ✖  error     Request terminated with error: https://stoplight.io/prism/errors#NOT_ACCEPTABLE: The server cannot produce a representation for your accept header

the problem bit being [NEGOTIATOR] ⚠ warning Unable to find a content for */*

Expected behavior
A 200 response with Replay-Nonce: <nonce value> and a null body.

Environment (remove any that are not applicable):

  • Library version: 3.0.3
@equalspeterd equalspeterd added the bug label Aug 30, 2019
@lag-of-death lag-of-death self-assigned this Sep 11, 2019
@lag-of-death lag-of-death added this to the Sept '19 milestone Sep 11, 2019
@lag-of-death lag-of-death mentioned this issue Sep 11, 2019
1 of 2 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.