Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Best practice for handling HTTP HEAD request with Django on App Engine

I'm receiving HEAD requests in my application, and wondering on the best way to handle them. Options are:

  • convert them to GETs, process GET normally, then:
    • strip the body (though I'm not sure how - response.content = '' doesn't seem to do it.
    • it seems app engine auto-strips the body, giving a warning "Dropping unexpected body in response to HEAD request"

It seems this is clean, and can be written nicely using decorators or middleware.

  • Handle each HEAD request specially:
    • this means I could avoid a DataStore access in some (many?) cases.
    • There is a risk, apparently, that middleware which sets the Content-length header will be prevented from doing so by this approach.

Anything else? Which should I do? Does using App Engine make a difference here? Are there subtle details; if so, is there appropriate middleware to use? To convert to GET, is `request.method = "GET" sufficient (it seems to work)?

like image 515
Paul Biggar Avatar asked Dec 30 '09 01:12

Paul Biggar


People also ask

How do I get HTTP headers in Django?

The way to do it is prefix = 'HTTP_'; header = header[len(prefix):] . Django 2.2 has supported HttpRequest. headers .

Is Head request faster than get?

The HEAD method is used to ask only for information about a document, not for the document itself. HEAD is much faster than GET, as a much smaller amount of data is transferred. It's often used by clients who use caching, to see if the document has changed since it was last accessed.

What is the difference between issuing a GET HTTP request and a head HTTP request?

The GET method requests a representation of the specified resource. Requests using GET should only retrieve data. The HEAD method asks for a response identical to a GET request, but without the response body.

How does Django handle request?

Django uses request and response objects to pass state through the system. When a page is requested, Django creates an HttpRequest object that contains metadata about the request. Then Django loads the appropriate view, passing the HttpRequest as the first argument to the view function.


1 Answers

Did you intend for you application to handle HEAD requests, or are these coming from some anonymous source? You certainly aren't obligated to honor a HEAD request. You can just return with a status code of 405 (Method not allowed) and provide the Allow header with GET or whatever you mean to handle.

I don't think that manually setting request.method to GET is meaningful; in all probability, you are just returning a response that is larger than what the requester wanted. They just wanted to see the headers for the response. If you don't want to handle the HEAD, do the 405 and Allow header approach.

Generally, a client sends a HEAD request because they are trying to be smart about not handling a full response if they don't need to. They are checking to see if the Content-Length has changed since the last time that they saw the response, or they want to see the Last-Modified or Expires header.

It is certainly well-behaved for your application to gracefully handle HEAD requests, but you don't have to.

like image 99
Adam Crossland Avatar answered Oct 25 '22 20:10

Adam Crossland