[
https://issues.apache.org/jira/browse/SLING-2426?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13218849#comment-13218849
]
Roy T. Fielding commented on SLING-2426:
----------------------------------------
It is okay to provide either one if you know them in advance. You just can't
rely on receiving them because they could be removed or replaced along the path
(and that path includes the internals of the origin server). For example, an
origin server might internally cork a response body on a GET just long enough
to learn the length and hence be able to send Content-Length dynamically,
whereas that would be impossible in response to HEAD.
> SlingSafeMethodsServlet's default HEAD implementation not completely RFC
> compliant
> ----------------------------------------------------------------------------------
>
> Key: SLING-2426
> URL: https://issues.apache.org/jira/browse/SLING-2426
> Project: Sling
> Issue Type: Bug
> Components: Servlets
> Affects Versions: API 2.2.0
> Reporter: Boris Pruessmann
>
> RFC 2616 states: "The HEAD method is identical to GET except that the server
> MUST NOT return a message-body in the response."
> The current implementation of the SlingSafeMethodsServlet does not guarantee
> what's stated above - if the GET call's response gets too big, the servlet
> engine might switch to chunked transfer. However, the HEAD call returns a
> valid Content-Length header no matter what, resulting in HEAD returning
> different headers than the corresponding GET call.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
