DoGetFallback: fallback to GET when POST is forbidden (e.g. when behind a RBAC proxy)

[jotak]

Version used for observed issue: v1.19.0 (looking at the main code, it's still an issue: https://github.com/prometheus/client_golang/blob/main/api/prometheus/v1/api.go#L1453

Currently, some of the API functions to query metrics use a POST method, and fallback to GET when a status "Not allowed" or "Not implemented" is returned; cf DoGetFallback function.

When Prometheus is used behind a RBAC proxy, users might have permissions for GET (associated with reading) but not for POST (associated with writing). So a POST query might return a 403 error while the GET would succeed.

I'd suggest adding a check for 403 response code as a valid trigger for the GET fallback. What do you think? I'm happy to open a PR if that sounds good to you.

[stale]

Hello 👋 Looks like there was no activity on this issue for the last 3 months. Do you mind updating us on the status? Is this still reproducible or needed? If yes, just comment on this PR or push a commit. Thanks! 🤗
If there will be no activity in the next 4 weeks, this issue will be closed (we can always reopen an issue if we need!).