[PATCH] "Allow" header
Igor Sysoev
is at rambler-co.ru
Sun May 20 11:45:26 MSD 2007
On Sat, May 19, 2007 at 09:00:28PM +0000, Evan Miller wrote:
> The "Allow" header in HTTP tells a client what methods (GET, POST, DELETE, etc.)
> are permitted at a certain URL. RFC 2616
> (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.7) says that an
> HTTP 1.1 server "MUST" return an Allow header with all 405 Method Not Allowed
> responses. However, Nginx does not currently comply with this provision. Below
> is a patch to support the Allow header. It puts the burden of defining legal
> methods on handler modules, so I have modified all of the modules that return a
> 405 response to use the Allow header appropriately.
>
>
> Without patch:
>
> DELETE /static/foo.bar HTTP/1.1
> Host: tim
>
> HTTP/1.1 405 Not Allowed
> Server: nginx/0.5.20
> Date: Sat, 19 May 2007 20:22:06 GMT
> Content-Type: text/html
> Content-Length: 173
>
> <snip>
>
>
> With patch:
>
> DELETE /static/foo.bar HTTP/1.1
> Host: tim
>
> HTTP/1.1 405 Not Allowed
> Server: nginx/0.5.20
> Date: Sat, 19 May 2007 20:22:06 GMT
> Content-Type: text/html
> Content-Length: 173
> Allow: GET, HEAD
>
> <snip>
>
>
> The patch works by letting modules set r->headers_out.allow_methods to a bitwise
> OR'd representation of the methods they allow. Modules can also set the Allow
> header explicitly and store the resulting ngx_table_elt_t in
> r->headers_out.allow, in which case the bitwise representation will be ignored.
> This follows the pattern of the other headers.
>
> Comments appreciated.
Thank you for your patch, however, I do not see any practical use of the
"Allow" header line. Yes, it must be set according to HTTP/1.1, but is
there any client that can use this information ?
--
Igor Sysoev
http://sysoev.ru/en/
More information about the nginx
mailing list