W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2005

erratum in RFC 2616: 405 should not require an Allow field in response

From: Roy T. Fielding <fielding@gbiv.com>
Date: Thu, 23 Jun 2005 14:00:23 -0700
Message-Id: <40d68614138753176bae9fbe7a358bc0@gbiv.com>
To: HTTP Working Group <ietf-http-wg@w3.org>

In RFC 2616:

10.4.6 405 Method Not Allowed

    The method specified in the Request-Line is not allowed for the
    resource identified by the Request-URI. The response MUST include an
    Allow header containing a list of valid methods for the requested
    resource.

which has the effect of requiring that a server advertise all
methods to a resource.  In some cases, method implementation is
implemented across several (extensible) parts of a server and
thus not known.  In other cases, it may not be prudent to tell
an unauthenticated client all of the methods that might be
available to other clients.

I think the above should be modified to s/MUST/MAY/; does anyone
here know of a reason not to make that change?

....Roy
Received on Thursday, 23 June 2005 21:00:15 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:49:40 GMT