On Sat, May 19, 2007 at 09:00:28PM +0000, Evan Miller wrote:
The "Allow" header in HTTP tells a client what methods (GET, POST, DELETE, etc.)
are permitted at a certain URL. RFC 2616
(http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.7) says that an
HTTP 1.1 server "MUST" return an Allow header with all 405 Method Not Allowed
responses. However, Nginx does not currently comply with this provision. Below
is a patch to support the Allow header. It puts the burden of defining legal
methods on handler modules, so I have modified all of the modules that return a
405 response to use the Allow header appropriately.
Without patch:
DELETE /static/foo.bar HTTP/1.1
Host: tim
HTTP/1.1 405 Not Allowed
Server: nginx/0.5.20
Date: Sat, 19 May 2007 20:22:06 GMT
Content-Type: text/html
Content-Length: 173
<snip>
With patch:
DELETE /static/foo.bar HTTP/1.1
Host: tim
HTTP/1.1 405 Not Allowed
Server: nginx/0.5.20
Date: Sat, 19 May 2007 20:22:06 GMT
Content-Type: text/html
Content-Length: 173
Allow: GET, HEAD
<snip>
The patch works by letting modules set r->headers_out.allow_methods to a bitwise
OR'd representation of the methods they allow. Modules can also set the Allow
header explicitly and store the resulting ngx_table_elt_t in
r->headers_out.allow, in which case the bitwise representation will be ignored.
This follows the pattern of the other headers.
Comments appreciated.
Thank you for your patch, however, I do not see any practical use of the
"Allow" header line. Yes, it must be set according to HTTP/1.1, but is
there any client that can use this information ?
6 messages in ru.sysoev.nginxRe: [PATCH] "Allow" header
