Eranda Eranda - 1 month ago 9
HTTP Question

Correct response for HTTP GET with a Content-Type

What is the correct response for HTTP GET with a Content-Type? Should we respond with an error or should we ignore the Content-Type and process the request?

Answer

According to RFC 7231 section 3.1.1.5:

A sender that generates a message containing a payload body SHOULD generate a Content-Type header field in that message unless the intended media type of the enclosed representation is unknown to the sender. If a Content-Type header field is not present, the recipient MAY either assume a media type of "application/octet-stream" ([RFC2046], Section 4.5.1) or examine the data to determine its type.

So, anything that has a "body", a payload, in the request, should pass in a Content-type.

GET, DELETE, HEAD, OPTIONS most often don't have such a payload. But the might. So depending on the request method to determine if there is a body or not is not a very safe way.

If your server receives a GET, and it has a body, and that body is not application/octet-stream then it should have a Content-Type header. It is safe to send a 406 - Not Accepted back when you receive such a request.

On the other hand, if your server does not handle body on a GET, then it would be safe to send a 406 - Not Accepted back too.

Comments