TRACE request method

TheTRACE HTTP method performs a message loop-back test along the path to the target resource.

The final recipient of the request should reflect the message as received (excluding any fields that might include sensitive data) back to the client as the message body of a200 OK response with aContent-Type ofmessage/http.The final recipient is either the origin server or the first server to receive aMax-Forwards value of0 in the request.

The client must not sendcontent in the request, or generate headers that might include sensitive data such as user credentials or cookies.Not all servers implement theTRACE method, and some server owners have historically disallowed the use of theTRACE method due to security concerns.In such cases, a405 Method Not Allowedclient error response will be sent.

Request has body	No
Successful response has body	Yes
Safe	Yes
Idempotent	Yes
Cacheable	No
Allowed inHTML forms	No

Syntax

http

TRACE <request-target>["?"<query>] HTTP/1.1

<request-target>: Identifies the target resource of the request when combined with the information provided in theHost header.This is an absolute path (e.g.,/path/to/file.html) in requests to an origin server, and an absolute URL in requests to proxies (e.g.,http://www.example.com/path/to/file.html).
<query>Optional: An optional query component preceded by a question-mark?.Often used to carry identifying information in the form ofkey=value pairs.

Examples

Successful TRACE request

ATRACE request can be performed usingcurl:

bash

curl -v -X TRACE example.com

This produces the following HTTP request:

http

TRACE / HTTP/1.1Host: example.comUser-Agent: curl/8.7.1Accept: */*

A200 OK response with the request headers contained in response body is sent back to the client:

http

HTTP/1.1 200 OKContent-Length: 123Date: Wed, 04 Sep 2024 11:50:24 GMTServer: Apache/2.4.59 (Unix)Content-Type: message/httpTRACE / HTTP/1.1Host: example.comUser-Agent: curl/8.7.1Accept: */*