HTTP HEAD not implemented for HTTP GET similar to ExpressJS v4.

[jmrnilsson]

Is your feature request related to a problem? Please describe.
Express-OpenAPI-Validator doesn't implement HTTP HEAD for GET by default. This is unlike ExpressJS. I wasn't able find any mention of the HEAD command in documentation. HEAD is typically accepted for any GET command but a body is not returned.

Describe the solution you'd like
Default behavior that doesn't allow HTTP HEAD when only GET specified in OAS. There are no options to enable this behavior. In fact, disabling all OAS-validations still changes the ExpressJS behavior. If OAS middleware is used it effectively changes the behavior and returns 405 Method not allowed.

Describe alternatives you've considered
Complete replicated configuration of HTTP HEAD along side HTTP HEAD in the OAS. This is a lot of extra work and may create a OAS almost twice as big in some cases. It would be useful to either change the default behavior or add configuration option.

Additional context
Many frameworks, ExpressJS v.4 included, assumes HEAD can be sent for any GET commands for pre-flights or just probing w/o necessarily inspecting any results. It's very useful.

[sreuter]

Did anyone figure out a great way to automatically allow HEAD requests for GET endpoints?

[jmrnilsson]

I only have a few ideas so far. None tested so far. Custom code to evaluate HEAD before delegation to built-in middleware.

Note: Another issue I found was that the middleware seemed validate before HEAD-request gets their bodies purged. So there’s actually content still when the middleware run.

I wished there was an option to send to the middleware to instruct that HEAD request are allowed and content and content length validated.