Comparing just the method difference with curl, I'm not able to reproduce this. Further, this behavior matches our understanding of HEAD. The non-zero Content-Length basically indicates to the client how large the response body would be in a normal GET request.
$ curl http://localhost:35357/v3/groups/invalid_group_id/users/invalid_user_id --header "x-auth-token=ADMIN" {"error": {"message": "Could not find user: invalid_user_id", "code": 404, "title": "Not Found"}} $ curl --head http://localhost:35357/v3/groups/invalid_group_id/users/invalid_user_id --header "x-auth-token=ADMIN" HTTP/1.1 404 Not Found Vary: X-Auth-Token Content-Type: application/json Content-Length: 97 Date: Mon, 04 Aug 2014 21:36:14 GMT ** Changed in: keystone Status: New => Invalid -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to Keystone. https://bugs.launchpad.net/bugs/1350792 Title: In case of HTTP 40x error on HEAD method, the Content-Length will be set incorrectly. Status in OpenStack Identity (Keystone): Invalid Bug description: [description] In case of HTTP 40x error on HEAD method, the Content-Length will be set incorrectly. The response body is none. So the Content-Length should be zero. But some value was set as the Content-Length. This problem occurred in the following API. - HEAD /v3/groups/{group_id}/users/{user_id} - HEAD /v3/domains/{domain_id}/users/{user_id}/roles/{role_id} - HEAD /v3/domains/{domain_id}/groups/{group_id}/roles/{role_id} - HEAD /v3/OS-INHERIT/domains/{domain_id}/users/{user_id}/roles/{role_id}/inherited_to_projects - HEAD /v3/OS-INHERIT/domains/{domain_id}/groups/{group_id}/roles/{role_id}/inherited_to_projects At this moment, - curl are waiting for response body but that is no needs to wait. - keystone server will not send response body even if some value was set as the Content-Length. If using Apache + mod_wsgi for keystone deployment, following messege will be shown, but curl will not be waited for response body. "curl: (18) transfer closed with 162 bytes remaining to read" [steps to reproduce] Run the API listed in description section by curl to occur HTTP 40x error. At that time, the condition is like follows. - Specify unauthorized token - Specify invalid domain_id / user_id / role_id [condition] - Ubuntu 14.04 LTS server - using devstack [about HEAD] http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.htm The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response. The metainformation contained in the HTTP headers in response to a HEAD request SHOULD be identical to the information sent in response to a GET request. To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1350792/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : yahoo-eng-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp