websockets icon indicating copy to clipboard operation
websockets copied to clipboard
verified publisher icon python-websockets

HEAD raises an exception

Open daveisfera opened this issue 1 month ago • 5 comments

When a HEAD request is received by the server, it raises an exception and this makes our server's log noisy when bots and such hit it. Ideally, this would be handled with a 405 or passed to the process_request method with an indication that it's a HEAD instead of a GET to be handled there.

daveisfera avatar Nov 20 '25 04:11 daveisfera

That's a valid feature request. Which server are you using? websockets.asyncio.server.serve?

aaugustin avatar Nov 20 '25 10:11 aaugustin

At first sight, I would do it in the Sans-I/O layer so all implementations benefit from it, to be confirmed after looking at feasibility.

aaugustin avatar Nov 20 '25 10:11 aaugustin

I'm using serve from websockets.sync.server but the issue can also be reproduced with the asyncio server in the example on the main page. Just start that up and hit with curl using -X HEAD and the exception happens. Technically, replying with an upgrade request just like a GET would probably be fine (i.e. the response to a HEAD is supposed to be the same as a GET but without the body) but I don't know how useful that is in practice, so if it's easier to reply with a 405 METHOD_NOT_ALLOWED then that's great by me.

daveisfera avatar Nov 20 '25 21:11 daveisfera

And on a related note, replying to a PUT/POST/DELETE/etc with a 405 instead of raising an exception would also be great. Most spiders use a HEAD or GET but there's plenty of bots out there doing all sorts of horrible things and handling those gracefully instead of with a raised exception would make my logs happier.

daveisfera avatar Nov 20 '25 21:11 daveisfera

Yes it makes sense to return 405 on anything that isn't a GET.

aaugustin avatar Nov 21 '25 10:11 aaugustin