Some APIs do something worse than crashing — they lie. In this case, Rentgen sent unsupported HTTP methods on endpoints that don’t allow them and instead of returning 405 Method Not Allowed or 501 Not Implemented, the API replied with 200 OK. That’s not harmless. That breaks one of the core debugging assumptions: that status codes reflect reality. When an API says “OK” to something it doesn’t support, engineers waste time chasing payload issues instead of fixing the actual problem. Rentgen flags this as Fail because protocol honesty is not optional — it’s baseline engineering discipline.
Full breakdown and reproduction example here:
👉 https://rentgen.io/api-stories/unsupported-http-method-handling.html
Top comments (0)