The UNLOCK method removes the lock identified by the lock token in the Lock-Token request header. The Request-URI MUST identify a resource within the scope of the lock.
Note that use of the Lock-Token header to provide the lock token is not consistent with other state-changing methods, which all require an If header with the lock token. Thus, the If header is not needed to provide the lock token. Naturally, when the If header is present, it has its normal meaning as a conditional header.
For a successful response to this method, the server MUST delete the lock entirely.
If all resources that have been locked under the submitted lock token cannot be unlocked, then the UNLOCK request MUST fail.
A successful response to an UNLOCK method does not mean that the resource is necessarily unlocked. It means that the specific lock corresponding to the specified token no longer exists.
Any DAV-compliant resource that supports the LOCK method MUST support the UNLOCK method.
This method is idempotent, but not safe (see Section 9.1 of [RFC2616]). Responses to this method MUST NOT be cached.
In addition to the general status codes possible, the following status codes have specific applicability to UNLOCK:
204 (No Content) - Normal success response (rather than 200 OK, since 200 OK would imply a response body, and an UNLOCK success response does not normally contain a body).
400 (Bad Request) - No lock token was provided.
403 (Forbidden) - The currently authenticated principal does not have permission to remove the lock.
409 (Conflict), with 'lock-token-matches-request-uri' precondition - The resource was not locked, or the request was made to a Request-URI that was not within the scope of the lock.
Example - UNLOCK
UNLOCK /workspace/webdav/info.doc HTTP/1.1 Host: example.com Lock-Token: <urn:uuid:a515cfa4-5da4-22e1-f5b5-00a0451e6bf7> Authorization: Digest username="ejw" realm="firstname.lastname@example.org", nonce="...", uri="/workspace/webdav/proposal.doc", response="...", opaque="..."
HTTP/1.1 204 No Content
In this example, the lock identified by the lock token "urn:uuid:a515cfa4-5da4-22e1-f5b5-00a0451e6bf7" is successfully removed from the resource http://example.com/workspace/webdav/info.doc. If this lock included more than just one resource, the lock is removed from all resources included in the lock.
In this example, the nonce, response, and opaque fields have not been calculated in the Authorization request header.