tempauth should return 405 for HEAD on /auth/v1.0

Bug #1695855 reported by Filippo Giunchedi on 2017-06-05
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Object Storage (swift)
Low
HCLTech-SSW

Bug Description

From 1-tim-z on https://bugs.launchpad.net/swift/+bug/1695273

(Separately, though, I think tempauth is out of spec returning a 400 on HEAD where a GET would 401... never mind the fact that there's a better code (405) for exactly this situation of using the wrong method on a known path...)

Tim Burke (1-tim-z) on 2017-09-27
Changed in swift:
status: New → Confirmed
Tim Burke (1-tim-z) wrote :

Or just behave like we do on GET -- it's not like we send a body. FWIW, the badness is in https://github.com/openstack/swift/blob/2.15.1/swift/common/middleware/tempauth.py#L685-L690

Changed in swift:
importance: Undecided → Low
Changed in swift:
assignee: nobody → HCLTech-SSW (hcltech-ssw)
Changed in swift:
status: Confirmed → In Progress
HCLTech-SSW (hcltech-ssw) wrote :
Changed in swift:
status: In Progress → Fix Committed
Kota Tsuyuzaki (tsuyuzaki-kota) wrote :

I don't think fix committed is suitable status for this because it didn't land to the master yet. "Fix committed" means "Fixed but not available for the next release".

Changed in swift:
status: Fix Committed → In Progress
clayg (clay-gerrard) wrote :

Hrm... yeah I think in hindsight 405 would have been better... but this is usability issue on a old stable version of the auth api - are we sure we can go back and change it?

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers