Node: http body dropped when using delete method
From what I can find, due to this line of code if you make an http request with a delete method the body will not be written (although no error will fire):
From what I can find the spec does not forbid and http body being placed (nor discourages) it (however it may not necessarily be a very commonly used). Here's a test case showing/recreating the issue:
FAILS:
const http = require('http');
const url = require('url');
let req_method = 'delete'; // succeeds if you change this to post
let server = http.createServer((req, res) => {
let method = req.method.toLowerCase();
let uri = url.parse(req.url.toLowerCase());
let data = Buffer.alloc(0);
req.on('data', (datum) => data = Buffer.concat([data, datum]));
req.on('end', () => {
console.log(method, uri.path);
console.log(data.toString('utf8'));
console.assert(method === req_method);
console.assert(data.toString('utf8') === 'Delete method should allow a body.');
res.writeHead(200, 'Ok.');
process.exit(1)
})
}).listen(process.env.PORT || 5000, () => {
let req = http.request({"method":req_method, "path":"/test/path", "host":"localhost", "port":5000});
req.write('Delete method should allow a body.');
req.end();
});
A work around is to add req.useChunkedEncodingByDefault = true before write or end. e.g.,
WORKAROUND:
const http = require('http');
const url = require('url');
let req_method = 'delete';
let server = http.createServer((req, res) => {
let method = req.method.toLowerCase();
let uri = url.parse(req.url.toLowerCase());
let data = Buffer.alloc(0);
req.on('data', (datum) => data = Buffer.concat([data, datum]));
req.on('end', () => {
console.log(method, uri.path);
console.log(data.toString('utf8'));
console.assert(method === req_method);
console.assert(data.toString('utf8') === 'Delete method should allow a body.');
res.writeHead(200, 'Ok.');
process.exit(1)
})
}).listen(process.env.PORT || 5000, () => {
let req = http.request({"method":req_method, "path":"/test/path", "host":"localhost", "port":5000});
req.useChunkedEncodingByDefault = true;
req.write('Delete method should allow a body.');
req.end();
});
Happy to submit a PR to see how i can help fix it, just wanted to make sure first there wasn't a disagreement as to whether delete should even have an option of having a body.
trevorlinton
All 3 comments
http spec says that while sending a body with DELETE is not forbidden (e.g. not a client error), a server should ignore it
section 4.3: "if the request method does not include defined semantics for an entity-body, then the message-body SHOULD be ignored when handling the request"
devsnek
on 6 Mar 2018
It's not a bug. As you've noticed, there's a property called useChunkedEncodingByDefault which is set to false by default for any of GET, HEAD, DELETE, OPTIONS and CONNECT. If you want to provide a body, you're free to do so but you have to use Content-Length or Transfer-Encoding: chunked to do so.
The fact that POST doesn't require this to be specified is just a convenience feature since it almost always comes with a body.
apapirovski
on 6 Mar 2018
I'll close this up as the question has been answered and there are no changes to be made.
apapirovski
on 7 Mar 2018
Related issues
ksushilmaurya
路
3Comments
Brekmister
路
3Comments
jmichae3
路
3Comments
danielstaleiny
路
3Comments
addaleax
路
3Comments
Most helpful comment
http spec says that while sending a body with DELETE is not forbidden (e.g. not a client error), a server should ignore it
section 4.3: "if the request method does not include defined semantics for an entity-body, then the message-body SHOULD be ignored when handling the request"