New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
net/http: redirect code is not handled for DELETE requests. #13994
Comments
CL https://golang.org/cl/18706 mentions this issue. |
I don't think CL 18706 is correct. DELETE is not a safe method: https://tools.ietf.org/html/rfc7231#section-4.2.1 Per https://tools.ietf.org/html/rfc7231#section-6.4 ...
It's not correct to treat DELETE the same as a GET or HEAD. |
Such is the case for PUT and POST as well, wouldn't it be safe to allow a way to set unsafe Methods to be redirected if necessary? and by default only do "GET" and "HEAD". |
Updates #13994 Updates #16840 Change-Id: Ia3cad5c211e0c688a945ed6b6277c2552592774c Reviewed-on: https://go-review.googlesource.com/29760 Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
CL https://golang.org/cl/29852 mentions this issue. |
redirection is only handled for GET, HEAD, PUT and POST requests. But not for 'DELETE' , this leads to an issue where in a 'DELETE' request with proper response from the server doesn't honor redirect.
Following code reproduces this problem.
Now running this client against the server.go
The problem seems to be in
client.Do()
Is there a specific reason why DELETE is not handled?.
Tested with curl seems to work fine
Also verified in RFC7231 - https://tools.ietf.org/html/rfc7231#section-4.3.5, doesn't talk anything specific about redirects for 'DELETE'.
Thanks for your inputs.
The text was updated successfully, but these errors were encountered: