Get request with Body - Rejecting as per RFC | Redfish Specification Forum

AMI_Mani
Tuna

AMI

Posts: 178

Get request with Body - Rejecting as per RFC Apr 28, 2022 13:48:56 GMT

Quote

Post by AMI_Mani on Apr 28, 2022 13:48:56 GMT

Hi,
As per Redfish specification, we have below point in 7.2.1 GET (read requests) overview

The service shall ignore the content of the body on a GET

As per datatracker.ietf.org/doc/html/rfc7231

A payload within a GET request message has no defined semantics;

sending a payload body on a GET request might cause some existing

implementations to reject the request.

Can service implementation reject the request as per above RFC comments?

Thanks,
Mani

mraineri
Administrator

Posts: 1,134

Get request with Body - Rejecting as per RFC Apr 29, 2022 14:53:15 GMT

Quote

Post by mraineri on Apr 29, 2022 14:53:15 GMT

With the wording of the spec today, no, you cannot reject the request. RFC7231 doesn't have any behavioral semantics with this other than a note that an implementation might reject the request (not a shall); I suspect that was added to clarify that older implementations predating RFC7231 have some known behaviors that are worth mentioning.

AMI_Mani
Tuna

AMI

Posts: 178

Get request with Body - Rejecting as per RFC May 2, 2022 8:40:42 GMT

Quote

Post by AMI_Mani on May 2, 2022 8:40:42 GMT

Thanks for the reply.

Even lighttpd now also returning bad request in current version(not with old version)

github.com/lighttpd/lighttpd2/blob/master/src/main/request.c#L281

case LI_HTTP_METHOD_GET:

case LI_HTTP_METHOD_HEAD:

/* content-length is forbidden for those */

if (con->mainvr->request.content_length > 0) {

VR_ERROR(con->mainvr, "%s", "GET/HEAD with content-length -> 400");

bad_request(con, 400); /* bad request */

return FALSE;

}

con->mainvr->request.content_length = 0;

break;

Thanks,
Mani