Re: Content-Length in HEAD responses

From: Justin Erenkrantz <justin_at_erenkrantz.com>
Date: Sat, 10 Nov 2012 17:28:16 -0500

On Sat, Nov 10, 2012 at 3:25 PM, Thomas Åkesson <thomas_at_akesson.cc> wrote:

> I suppose this means that it would be a significant optimization to
> perform HEAD rather than GET when discovering ACLs for every subdirectory
> in a directory listing?
>

Probably - doing the HEAD request will run the full authn and authz checks,
but it won't produce the bodies - you'll also save not having to send the
responses on the wire - but you won't know what the directory listing is
unless you do a GET in the first place. So, it might help at the leaf
nodes in the tree. (But how would you know it's a leaf! Fun.)

> Branko's concern is still interesting... because this behaviour (omitting
> CL for HEAD requests) does seem to violate the HTTP RFC, but for good
> reason. Given that mod_autoindex as well as mod_php (at least on the config
> I tested) also omits CL for HEAD I suppose it is a well accepted
> optimization in practice.
>

IIRC, there is an out in the RFC if the content is dynamic - this also may
be something cleaned up in the httpbis RFC clarifications as forcing the
server to generate the content only to throw it away (when it can't be
pre-computed) is kinda pointless. -- justin
Received on 2012-11-10 23:28:51 CET

This message: [ Message body ]
Next message: Daniel Shahaf: "Re: Hanging tests mergeinfo-test.exe 12, 15 and skel-test.exe 4 on WinXP with VS2010 release build"
Previous message: Thomas Åkesson: "Re: Content-Length in HEAD responses"
In reply to: Thomas Åkesson: "Re: Content-Length in HEAD responses"
Next in thread: Ivan Zhakov: "Re: Content-Length in HEAD responses"
Reply: Ivan Zhakov: "Re: Content-Length in HEAD responses"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]