[wp-trac] [WordPress Trac] #14786: WP_Http Transport test order refactoring

WordPress Trac wp-trac at lists.automattic.com
Mon Sep 6 22:50:40 UTC 2010


#14786: WP_Http Transport test order refactoring
--------------------------+-------------------------------------------------
 Reporter:  hakre         |       Owner:                        
     Type:  defect (bug)  |      Status:  new                   
 Priority:  normal        |   Milestone:  Awaiting Review       
Component:  HTTP          |     Version:  3.0.1                 
 Severity:  normal        |    Keywords:  has-patch dev-feedback
--------------------------+-------------------------------------------------

Comment(by jacobsantos):

 Replying to [comment:19 hakre]:
 > Replying to [comment:16 jacobsantos]:
 > > Also, the Method check in Fopen is wrong. The problem is not the
 method but sending with a body as part of the message. It is possible to
 send a body with GET requests.
 >
 > Your statement made me curious and I re-read the HTTP 1.1 RFC according
 to that. I'm referring to this document (collection):
 > I can not find any hint in 9.3 as the specification of the GET method
 that allows to send a request body. Following the description in section
 4.3, this means that a message body MUST NOT be included in the GET
 request.
 >
 > From what I can see here is that to include a request body in a get
 request is just violating the HTTP standards. Can you please check for
 yourself again? I might have misread something or you have a source you
 can point to which shows the opposite.

 Nothing from what I can read says that it is not allowed and using this:
 "A server SHOULD read and forward a message-body on any request; if the
 request method does not include defined semantics for an entity-body, then
 the message-body SHOULD be ignored when handling the request." from the
 same [http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.3 rfc2616
 section 4.3] states that the server should accept it any way, not that it
 has to do anything with the message-body. The fact that it is possible and
 not disallowed, means that it can be done. I agree that it should not be
 done, but it is something I have done in the past with results. Given the
 liberal nature of the specification, it is allowed, because it might break
 the web otherwise.

 The HEAD method is the only one that I can see that specifically states
 that the message-body must not exist. However, it is true that just
 because you CAN send a message-body with a GET request, doesn't mean the
 server has to actually process it with the request. In this, if you want
 to be sure that the server will handle the message-body, then it has to be
 either PUT or POST or another that specifically states a request for a
 message body.

 It is semantics, the point is that since it is possible and the server
 will still accept it, not allowing it based on method seems too
 restrictive. The point is to be a bit more liberal as long as it doesn't
 break the requirements of the spec which specifically state that something
 must not do or must do something.

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/14786#comment:20>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list