This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
Based on discussion at https://github.com/w3c/web-platform-tests/issues/980, it was suggested to file a bug here regarding this. Regarding GET/HEAD requests in particular, the RFCs are unclear about whether a request is allowed to supply a body or not, but apparently there's a desire for browsers to behave identically even though this by definition should not matter, because backends simply should not care. So, the options are, A) require that GET, HEAD requests do not supply Content-Length or Transfer-Encoding B) specify that if GET or HEAD requests DO supply a Content-Length, it should be exactly 0, and the backend should ignore it anyways. The current browser story is, IE, Safari and Chrome all send a Content-Length header for all HEAD requests, and this is justified in the source code as "because maybe you're sending a HEAD request to something which normally only deals with POST requests and needs a message body". I would say that this should actually be whether there is a message-body or not, since the XHR spec says to set the message-body to NULL, but unfortunately some methods require a Content-Length regardless of whether there is a message-body or not (POST and PUT, for example). Deliberate away, I'm interested to see what gets settled on.
caitp, could you perhaps elaborate on what browsers do here? What do they do for GET/HEAD/POST/CHICKEN? If browsers roughly agree it probably makes sense to go with that.
> The current browser story is, IE, Safari and Chrome all send a Content-Length header for all HEAD requests, and this is justified in the source code as "because maybe you're sending a HEAD request to something which normally only deals with POST requests and needs a message body". This means, if the method is HEAD (not talking about any other methods), the Content-Length header is present with a value 0. In chromium tree: (https://chromium.googlesource.com/chromium/src/+/ca9d6916c5fedf6f0ee73dfc397cb0f65ad326b9/net/http/http_network_transaction.cc#894 --- most recent commit as of time of this comment). The reasoning why is explained in the source comment. Last year, Safari appeared to be doing the same thing, not sure if it still is or not. Reportedly, IE does too. Unfortunately the network stacks for those other browsers isn't as easily linked to in bug reports
https://github.com/whatwg/fetch/commit/c103d0962dc4cb9e76c5425213fa8459509fa3d5