Regards,
Nicolas
2005/8/10, Nicolas Lehuen <[EMAIL PROTECTED]>:
This is particularly tricky. I don't know how many app server prevent content from being returned on a HEAD request, but I guess there aren't too many. However, it's a MUST NOT, so it should be prevented.
Maybe mod_python could replace req.write with a NOP function whenever the request method is HEAD ?
Regards,
Nicolas2005/8/10, Juha-Matti Tapio <[EMAIL PROTECTED] >:On Wed, Aug 10, 2005 at 10:08:08PM +1000, Graham Dumpleton wrote:-----BEGIN PGP SIGNATURE-----
> Okay. What though are the implications of content still being returned
> for a HEAD request. What does the standard say about that?
RFC 2616, 9.4 HEAD
The HEAD method is identical to GET except that the server MUST NOT return
a message-body in the response. The metainformation contained in the HTTP
headers in response to a HEAD request SHOULD be identical to the
information sent in response to a GET request.
Ok, now that I read the standard again, it seems that the preferable way to
implement this is to somehow prevent the bytes written from being sent.
Though I have no idea how the user agents would react if they did receive
a message body on HEAD.
--
Tmi Juha-Matti Tapio Puh/Tel. +358-50-5419230
Y-tunnus 1911527-0 Fax +358-9-34756631
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC+fDIRGhQc/k/gTsRApwKAKCTo/wpAWbNHW03gmreQNrfedbbqwCfe4nx
/L748xZkfuWksurvYESuFBM=
=FIch
-----END PGP SIGNATURE-----
