is_http_range_requests_unsupported should return true on Method Not Allowed

[olivierlefloch]

Summary

Azure Artifacts does not allow HEAD requests when attempting to download packages. This expands error handling in is_http_range_requests_unsupported to identify HTTP 405 (Method Not Allowed) error codes, and return true (i.e. Range requests will not be supported). This partially addresses #1458 – after this change, Azure Artifacts downloads still fail, but due to 401 Not Authorized instead of 405 Method Not Allowed.

Test Plan

I ran something akin to

RUST_LOG=trace cargo run -- pip install --index-url=https://REDACTED:[email protected]/REDACTED/_packaging/REDACTED/pypi/simple/ --upgrade --verbose private-package

without this code, and got a 405 failure:

error: Failed to download: private-package==1.2.3
  Caused by: HTTP status client error (405 Method Not Allowed) for url (https://pkgs.dev.azure.com/REDACTED/_packaging/REDACTED/pypi/download/private-package/1.2.3/private_package-1.2.3-py3-none-any.whl#sha256=REDACTED)

with this code, I get a 401 failure:

error: Failed to download: private-package==1.2.3
  Caused by: HTTP status client error (401 Unauthorized) for url (https://pkgs.dev.azure.com/REDACTED/_packaging/REDACTED/pypi/download/private-package/1.2.3/private_package-1.2.3-py3-none-any.whl#sha256=REDACTED)

Caveats

I'm not seeing a non HEAD request being reported as being fired, so I'm not sure I'm doing this correctly!

[charliermarsh]

Thanks, this does look right to me.

[charliermarsh]

I suspect the 401 is related to us somehow not preserving the credentials in the URL.

[charliermarsh]

@olivierlefloch - Okay from your perspective if I merge?

[olivierlefloch]

Absolutely! I was unsure if this needed tests, etc., but I think it solves part of the issue!

[charliermarsh]

We're still figuring out our testing infra for private registries, so it's "testing live" for now :)