allow OPTIONS on json-ld API

Question

allow OPTIONS on json-ld API

Closed this issue 3 years ago · 3 comments

linked data clients use OPTIONS to see what kind of operations that they can do on a server. Because the json-ld export in the CE is read-only, we should implement OPTIONS that returns:

HTTP/1.1 204 No Content
Allow: OPTIONS, GET

so that clients know that they cannot write to the CE.

Answer 1 · 2021-04-08T14:14:39.000Z

N.b. "Allow" is a header. See:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Allow
and
https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS

Answer 2 · 2021-04-30T12:46:20.000Z

@alastair @musicog the Allow header should only be set when a wrong request method is being used. We do support POST requests for GraphQL requests. Should this restriction only be made for the /:identifier route?

Answer 3 · 2021-04-30T13:07:00.000Z

From what I understand I think that we should do:

OPTIONS /:identifier -> return Allow: OPTIONS, GET
GET /:identifier -> return data (optionally add Allow: OPTIONS, GET)
POST /:identifier -> return method not allowed (optional add Allow: OPTIONS, GET)

I'm not sure if Allow: should also be included in the GET and POST methods, however the header should only appear in the /:identifier route