added issues

author: Rasmus Dahlberg <rasmus@mullvad.net> 2021-12-09 11:14:31 +0100
committer: Rasmus Dahlberg <rasmus@mullvad.net> 2021-12-09 11:14:31 +0100
commit: 89f0a41e8baefddf2c6962a8f0eee71dfd124d21 (patch)
tree: 85d7723d8e66225d9fe02304b0bac4c9f00c8eac /issues/fix-http-status-405.md
parent: e74021bee14cdc6a5aa22ddc2068c2f72dfe277f (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/issues/fix-http-status-405.md b/issues/fix-http-status-405.md
new file mode 100644
index 0000000..7a06288
--- /dev/null
+++ b/issues/fix-http-status-405.md
@@ -0,0 +1,24 @@
+**Title:** Fix HTTP status 405 </br>
+**Date:** 2021-12-09 </br>
+
+# Summary
+Stop returning HTTP Status 405 or ensure that RFC 2616 is followed.
+
+# Description
+When using HTTP GET for a POST endpoint or vice versa, HTTP status code 405 is
+currently returned by sigsum-log-go. According to RFC 2616, an Allow header MUST
+be included in the response.  This issue requires figuring out what
+sigsum-log-go should do: not return HTTP Status 405 or adhere to RFC 2616?
+
+Extract from RFC 2616:
+```
+10.4.6 405 Method Not Allowed
+
+The method specified in the Request-Line is not allowed for the resource
+identified by the Request-URI. The response MUST include an Allow header
+containing a list of valid methods for the requested resource.
+```
+
+To find the relevant parts in the sigsum-log-go code, see the output of
+
+	git grep StatusMethodNotAllowed
author	Rasmus Dahlberg <rasmus@mullvad.net>	2021-12-09 11:14:31 +0100
committer	Rasmus Dahlberg <rasmus@mullvad.net>	2021-12-09 11:14:31 +0100
commit	89f0a41e8baefddf2c6962a8f0eee71dfd124d21 (patch)
tree	85d7723d8e66225d9fe02304b0bac4c9f00c8eac /issues/fix-http-status-405.md
parent	e74021bee14cdc6a5aa22ddc2068c2f72dfe277f (diff)