It seems like when routes are registered which 'overlap' due to their wildcards, their methods are repeated in the Allow header in 405 responses.
Minimal runnable example: https://go.dev/play/p/wm5Roz8MSRJ
package main
import (
"fmt"
"log"
"net/http"
"net/http/httptest"
"github.com/go-chi/chi/v5"
)
func main() {
r := chi.NewRouter()
r.Post("/article/1-2-3", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
r.Post("/article/{a}", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
r.Post("/article/{b}-{c}", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
r.Post("/article/{b}-{c}-{d}", func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
server := httptest.NewServer(r)
defer server.Close()
// Send a request with an unsupported method
res, err := http.Get(server.URL + "/article/1-2-3")
if err != nil {
log.Fatal(err)
}
fmt.Println("Status:", res.Status)
fmt.Println("Header:", res.Header)
}Outputs:
Status: 405 Method Not Allowed
Header: map[Allow:[POST POST POST POST] Content-Length:[0] Date:[Tue, 10 Nov 2009 23:00:00 GMT]]
The POST value in the Allow header is duplicated four times, which seems strange, and I think ideally it would only appear once.
It seems like when routes are registered which 'overlap' due to their wildcards, their methods are repeated in the Allow header in 405 responses.
Minimal runnable example: https://go.dev/play/p/wm5Roz8MSRJ
Outputs:
The
POSTvalue in theAllowheader is duplicated four times, which seems strange, and I think ideally it would only appear once.