Opened 8 years ago

Last modified 8 years ago

#27344 closed Bug

ConditionalGetMiddleware should not operate on unsafe requests — at Initial Version

Reported by: Kevin Christopher Henry Owned by: nobody
Component: HTTP handling Version: 1.10
Severity: Normal Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

With unsafe methods (PUT, etc.) the appropriate conditional response would be a 412 Precondition Failed response, which should prevent the request from being carried out. But by definition ConditionalGetMiddleware acts after the response has been generated, so it’s too late. The PR below includes a regression test where the middleware inappropriately changes the response to a 412 after applying the unsafe operation.

Change History (0)

Note: See TracTickets for help on using tickets.
Back to Top