Feedback on ASP.NET Web API

Use Reflection to Auto Populate the Allow Header

Based on the current Route being executed, it should be possible to detect HTTP methods the same route supports and therefore populate the Allow header in the response. e.g. whilst performing a GET on /api/values it should be possible to detect that the route supports both GET and POST (in fact the code I presume already has this list so that it knows which Action to call). The Allow header could then be populated with GET, POST.

The icing on the cake would be that the Authorize attribute is still checked so if the caller does not have permission to use one of the methods, then that method is dropped from the list.

9 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    PiersPiers shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    3 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Shiv KumarShiv Kumar commented  ·   ·  Flag as inappropriate

        I don't like this idea. It's simple enough to do it yourself as Daniel suggests too. Please don't do this. If you do, don't make it the default behavior

      • Daniel RothAdminDaniel Roth (Admin, ASP.NET Future Feature Feedback) commented  ·   ·  Flag as inappropriate

        We don't currently plan on providing support out of the box for the Allow header or OPTIONS requests, but it should be possible to enable this yourself in a cross cutting way using action filters. We are certainly interested in hearing though if the community thinks this needs to be in the box.

      Feedback and Knowledge Base