From de69d914d10ea9899a871bddd6f94ced7629a774 Mon Sep 17 00:00:00 2001
From: Dirk Stolle <striezel-dev@web.de>
Date: Thu, 30 Nov 2023 01:43:25 +0100
Subject: [PATCH] add Allow header to server responses with status code 405

Furthermore, a response to requests using the OPTIONS method is
implemented.
---
 changelog.md                    | 11 +++++++++++
 export-server/package-lock.json |  2 +-
 export-server/package.json      |  2 +-
 export-server/server.js         |  7 +++++++
 4 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/changelog.md b/changelog.md
index 3ca24e5..6b6e1ce 100644
--- a/changelog.md
+++ b/changelog.md
@@ -10,6 +10,17 @@ Since [ECharts](https://echarts.apache.org/) is the main dependency of this
 application, major version changes in ECharts will also trigger a major version
 change in this application.
 
+## Version 5.0.12 (2023-11-30)
+
+* __[improvement]__
+Whenever the server responds to an unallowed method with HTTP status code 405,
+it will now also send an `Allow` HTTP header to indicate the allowed methods.
+This behaviour is required by [RFC 9110](https://httpwg.org/specs/rfc9110.html#status.405),
+so it should be implemented.
+
+Furthermore, any HTTP request to the server root using the OPTIONS method will
+now return the allowed options via an `Allow` HTTP header.
+
 ## Version 5.0.11 (2023-11-29)
 
 * __[bug fix]__
diff --git a/export-server/package-lock.json b/export-server/package-lock.json
index a5042b0..535755d 100644
--- a/export-server/package-lock.json
+++ b/export-server/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "echarts-node-export-server",
-  "version": "5.0.11",
+  "version": "5.0.12",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/export-server/package.json b/export-server/package.json
index 01ef3d3..d7248d8 100644
--- a/export-server/package.json
+++ b/export-server/package.json
@@ -1,6 +1,6 @@
 {
   "name": "echarts-node-export-server",
-  "version": "5.0.11",
+  "version": "5.0.12",
   "description": "ECharts Node.js export server",
   "repository": {
     "url": "https://gitlab.com/striezel/echarts-node-export-server.git",
diff --git a/export-server/server.js b/export-server/server.js
index aba65b6..129bcfa 100644
--- a/export-server/server.js
+++ b/export-server/server.js
@@ -54,10 +54,17 @@ const server = http.createServer(function(req, res) {
 
   // ---- Handle plot generation requests ----
 
+  if (req.method === 'OPTIONS') {
+    res.statusCode = 204; // 204 == No content
+    res.setHeader('Allow', 'POST');
+    res.end();
+    return;
+  }
   // Only post request shall be allowed.
   if (req.method !== 'POST') {
     res.statusCode = 405; // 405 == Method not allowed
     res.setHeader('Content-Type', 'text/plain');
+    res.setHeader('Allow', 'POST');
     res.end('Only POST requests are allowed!\n');
     return;
   }