Return 405 instead of 404 when HTTP method is not supported [SPR-4927]

[spring-projects-issues]

Kenny MacLeod opened SPR-4927 and commented

Prior to the use of Spring 2.5 @RequestMapping, if I wanted to limit my controller to accepting POST requests only, I simply injected POST into the controller, and a GET request would result in a very specific "this controller only support POST" error.

When I use @RequestMapping(method=POST), however, and send a GET request to the controller, I get an entry in the logs saying "No matching handler method found for ... , method 'GET'", and a 404 is returned to the client.

This seems like a step backwards to me. I only noticed because a client was accidentally sending GET requests to a POST-only controller, and the resulting 404 caused some confusion, running around and general pointing of fingers. A 404 doesn't seem to be the correct response.

I'd like to suggest 406 (NOT ACCEPTABLE), but that may cause even more confusion. Even a 500 would be preferably to a 404 here, i think.

---

Affects: 2.5.4

Issue Links:

• @Controller method order effects @RequestMapping behavior in ways not expected [SPR-5731] #10401 @Controller method order effects @RequestMapping behavior in ways not expected
• Comprehensive REST Support [SPR-4419] #9097 Comprehensive REST Support

Referenced from: commits ba42594, 0a6cac5

[spring-projects-issues]

Kenny MacLeod commented

bump

[spring-projects-issues]

Juergen Hoeller commented

This is unfortunately a consequence of our new general matching algorithm there: The dispatcher, when eventually generating a response, doesn't know that there would have been a handler for the same request - just with POST instead of GET. All it knows is that there was no matching handler method found.

We'll revisit that in the context of Spring 3.0's general REST support, which will also refine the matching algorithm.

Juergen

[spring-projects-issues]

Arjen Poutsma commented

I suggest that 405 ("Method Not Allowed") is used instead. Seems most applicable.

[spring-projects-issues]

Arjen Poutsma commented

This should work now.

[spring-projects-issues]

Paul Benedict commented

What are the odds that someone will want to customize the error code? Can 405 be the default with a way to override it? Maybe another attribute on @RequestMapping? Or a global configuration parameter?

[spring-projects-issues]

Arjen Poutsma commented

You can override the method that sets the response code in the AnnotationMethodHandlerAdapter. That said, I strongly recommend using 405, conforming to the HTTP spec.

[spring-projects-issues]

Grzegorz Borkowski commented

During testing 3.0 M3 I've found invalid behavior related to this.
Say you have following controller:

@Controller
@RequestMapping("/projects")
public class ProjectEndpoint {
 
  @RequestMapping(method=GET)
  public HttpResponse list() {...}
 
  @RequestMapping(method=GET, value="{projectId}")
  public HttpResponse show(@PathVariable long projectId) {...}
 
  @RequestMapping(method=PUT,value="{projectId}")
  public HttpResponse createOrUpdate(@PathVariable long projectId) {...}
 
  @RequestMapping(method=DELETE, value="/{projectId}")
  public HttpResponse remove(@PathVariable long projectId) {...}
}

In my tests, I got following restuls:
GET /projects/project1 -> 200 (good)
POST /projects/project1 -> 405 (good)
GET /projects -> 200 (good)
POST /projects ->404 (wrong! it should be 405)

[spring-projects-issues]

Arjen Poutsma commented

I think this might be related to #10401. I will investigate it now.

[spring-projects-issues]

Arjen Poutsma commented

Should be fixed now.

[spring-projects-issues]

Tom Schober commented

Using this controller and 3.0 M3:
<code>
@Controller
@RequestMapping(value="/upload")
public class PhotoUploadController
{
@RequestMapping(method = RequestMethod.POST)
public ModelAndView upload(@RequestParam("file") MultipartFile file) throws IOException
{
return new ModelAndView("upload", "photoId", "123");
}

@RequestMapping(method = RequestMethod.GET)
public ModelAndView get()
{
	return new ModelAndView("PhotoUploadView", "photoId", "456");
}

}
</code>
POST to "/upload" returns a 404

Is this still a bug in M3?

[spring-projects-issues]

Arjen Poutsma commented

It might be. Could you try a recent snapshot, and see if that works better?