It probably makes sense to return 403 for 'id', since the current behaviour won't update any other parameters when id is provided.
In the case of status we could consider just ignoring it, ie matching the behaviour of 'owner', ie it is not really something 'settable' in v1, so ignore it.
Here's the current behaviour for the various headers which can be supplied:
x-image- meta-location: 400 (ok) meta-is_ public: N/A meta-disk_ format: N/A meta-container_ format: N/A meta-status: 200 (bad, bug 1482371) meta-copy_ from: 200 (dropped, ok) meta-checksum: 403 (ok) meta-created_ at: 200 (dropped, ok) meta-updated_ at: 200 (dropped, ok) meta-deleted_ at: 200 (dropped, ok) meta-min_ ram: N/A meta-min_ disk: N/A meta-protected: N/A meta-deleted: 200 (dropped, ok) meta-virtual_ size: N/A
x-image-meta-size: 403 (ok)
x-image-
x-image-
x-image-
x-image-meta-name: N/A
x-image-
x-image-
x-image-meta-uri: 200 (dropped, ok)
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-
x-image-meta-owner: 200 (dropped, ok)
x-image-meta-store: 200 (dropped, ok)
x-image-meta-id: 500 (bad, new bug 1483353)
x-image-
x-image-
x-image-
It probably makes sense to return 403 for 'id', since the current behaviour won't update any other parameters when id is provided.
In the case of status we could consider just ignoring it, ie matching the behaviour of 'owner', ie it is not really something 'settable' in v1, so ignore it.