parlov docs
Oracle ClassesExistence OracleCache Probing412 vs 404 — Precondition Failure

412 vs 404 — Precondition Failure

A request carrying precondition headers reaches precondition evaluation for an existing target.

Implemented

A request carrying precondition headers (If-Match, If-Unmodified-Since, or If-None-Match on non-GET/HEAD methods) reaches precondition evaluation for an existing target. The server evaluates target state against the precondition and returns 412 Precondition Failed. A nonexistent target returns 404 before reaching precondition logic.

  • What leaks: 412 confirms the server got far enough to evaluate target state against the precondition — the target was not rejected purely at syntax or routing. This is a precondition oracle, not a retrieval-only oracle. Strongest on non-GET/HEAD methods with false If-None-Match (MUST-level 412). Also applicable on GET/HEAD via If-Match and If-Unmodified-Since, though 304 vs 404 is the stronger retrieval-path differential.

304 vs 404 — Conditional Retrieval

A conditional GET or HEAD using If-None-Match or If-Modified-Since reaches validator evaluation for an existing target.

206 vs 404 — Range Fulfillment

A GET request with a satisfiable Range header reaches range evaluation for an existing target.