Re: Bodies on GET (again) - was Re: RFC7234: Can a request body form part of a "cache key"?

On Thu, Jul 28, 2016 at 08:32:54AM +0200, Willy Tarreau wrote:
> > Maybe at least be a little stronger in the language?
> > 
> > e.g. clients SHOULD not send bodies on GET.
> I tend to think that the way it is done right now ensures that nobody is
> willing to make shortcuts in their parsers and that's important. However
> what we could have done (I thought we had it but can't find it) would be
> to mention that a server MAY reject a GET with a body. That's more
> dissuasive for clients and that still indicates that the server is not
> allowed to be lazy on this.

Just found it after sending, that's at the end of 4.3.1 in #7231 :

   A payload within a GET request message has no defined semantics;
   sending a payload body on a GET request might cause some existing
   implementations to reject the request.

It's less strong than what I thought however, I think we could suggest
servers to reject these requests if they don't intend to process the
body (nor simply to parse it).


Received on Thursday, 28 July 2016 06:36:15 UTC