jsr369-experts@servlet-spec.java.net

[jsr369-experts] Re: PushBuilder#method

From: Shing Wai Chan <shing.wai.chan_at_oracle.com>
Date: Wed, 1 Mar 2017 16:11:24 -0800

While implementing the PushBuilder, we see the following for PushBuilder#push
     * @throws IllegalArgumentException if the method set expects a
     * request body (eg POST)

Should we remove it, since we have already thrown a more precise IllegalArgumentException in PushBuilder#method?

       Shing Wai Chan


> On Feb 17, 2017, at 6:37 AM, Mark Thomas <markt_at_apache.org> wrote:
>
> On 14/02/17 23:46, Shing Wai Chan wrote:
>> According section 8.2 of RFC 7540, a promised request must be cacheable and safe without a request body.
>
> I think it is worth repeating this and/or referencing it in the Javadoc
> for PushBuilder.
>
>> For request methods defined in RFC 7231, only GET and HEAD are cacheable and safe.
>> So, one cannot push
>> POST, PUT, DELETE, CONNECT, OPTIONS and TRACE. (*)
>> Since there are custom http methods, there may be others cacheable and safe methods,
>>
>> In PushBuilder#method, what will happen when methods in (*) are applied?
>
> Either we allow them and the client should reset the stream oe we block
> them e.g. with IAE as suggested below.
>
>> The current javadoc seems to accept the methods in (*) above.
>> Should we throw IllegalArgumentException in this case?
>
> Tricky. I don't like allowing something we know to be wrong but neither
> do I like the inconsistency that custom methods would always be allowed.
>
> On balance, I prefer an IAE for known invalid methods here.
>
> Mark
>