actix-web
actix-web copied to clipboard
actix
`allow` response header missing for `405 Method Not Allowed` generated by router
Expected Behavior
I am expecting to see an allow header for 405 Method Not Allowed responses generated by the router.
As per RFC7231#6.5.5:
[…] The origin server MUST generate an Allow header field in a 405 response containing a list of the target resource's currently supported methods.
Current Behavior
There is no allow header to be seen.
Possible Solution
When the router is sending a 405 in response to a request to an existing route, but with an unknown HTTP method it should add a allow header with the known methods.
Steps to Reproduce (for bugs)
main.rs
use actix_web::{web, App, HttpServer, Responder};
async fn index() -> impl Responder {
"Index"
}
#[actix_web::main]
async fn main() -> std::io::Result<()> {
HttpServer::new(|| {
App::new()
.service(web::resource("/").route(web::get().to(index)))
})
.bind("[::]:8080")?
.run()
.await
}
Cargo.toml
[package]
name = "actix_test"
version = "0.1.0"
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
actix-web = "3.3.2"
Allowed method:
$ http GET 'localhost:8080/'
HTTP/1.1 200 OK
content-length: 5
content-type: text/plain; charset=utf-8
date: Mon, 09 Aug 2021 19:15:05 GMT
Index
Disallowed method:
$ http PUT 'localhost:8080/'
HTTP/1.1 405 Method Not Allowed
content-length: 0
date: Mon, 09 Aug 2021 19:15:00 GMT
Context
This bug report was created purely from a standard correctness perspective with actix violating a MUST.
This was previously reported in #885, but I believe the remark about RFC correctness was missed in the issue.
Your Environment
- Rust Version (I.e, output of
rustc -V): rustc 1.53.0 (53cb7b09b 2021-06-17) - Actix Web Version: 3.3.2
