HTTP 405 Method Not Allowed

The 405 method not allowed error indicated that the method (E.g. POST, GET, PUT, DELETE) was not allowed.

663 views
d

By. Jacob

Edited: 2021-02-09 13:02

The 405 Method Not Allowed message indicates that the method type used to perform the request was not allowed for the requested resource.

There are multiple request methods available to clients when sending HTTP requests, some of the most well known being POST and GET; but there are also other request types available, such as OPTIONS, PUT, and DELETE.

If a given resource is not using the POST request, then it probably should not support that request type; but, clients might still send a POST request to a resource that only implements the GET method, and if the website is using software that is either flawed or configured incorrectly, it might still respond to such requests with a 200 Ok message.

According to According to rfc7231 section 7.4.1: when responding with a 405 status, the allow header field should always be included. This header field includes a comma separated lists of supported request methods.

A 405 Method Not Allowed response looks like this:

HTTP/1.1 405 Method Not Allowed
Content-Type: text/html
Allow: GET, HEAD

<h1>405 Method Not Allowed</h1>

To send a 405 response from PHP you can use the http_response_code function:

http_response_code(405);
header('Allow: GET, HEAD');
echo '<h1>405 Method Not Allowed</h1>';
exit();

Links

  1. List of HTTP Status Codes
  2. PHP: Header

Sources

  1. rfc7231 section 7.4.1 - ietf.org

Tell us what you think: