Inconsistent status code for HEAD and GET when the request is sent to public artifact. #14711
Comments
reasonerjt
added a commit
to reasonerjt/harbor
that referenced
this issue
Apr 28, 2021
This commits make sure when the request does not carry authorization headers, the HEAD and GET will get the same response code. This change should be made due to goharbor#14711 Signed-off-by: Daniel Jiang <[email protected]>
|
The minimal change in #14768 may fix the problem but this does introduce a break change in the case |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Such inconsistency was introduced to workaround issue in
#11271
This approach does not follow the HTTP spec and it bites us when Harbor is running behind a CDN, some user reported seeing inconsistent status code for HEAD, possibly due to CDN caching the response header for GET requests.
We should find a way to suit our usecase and not violating the http spec at the same time.
Some mentioned that dockerhub return 401 for GET request issued to public resources. Harbor may do the same.
We should make sure the change will not break any exisitng use cases.
The text was updated successfully, but these errors were encountered: