Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can I customize HTTP 400 responses for parse errors?

Tags:

I've written a REST API service that requires that all responses be JSON. However, when the Go HTTP request parser encounters an error, it returns 400 as a plain text response without ever calling my handlers. Example:

> curl -i -H 'Authorization: Basic hi    
there' 'http://localhost:8080/test' -v
*   Trying ::1...
* TCP_NODELAY set
* Connected to localhost (::1) port 8080 (#0)
> GET /test HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.54.0
> Accept: */*
> Authorization: Basic hi
> there
> 
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
< Content-Type: text/plain; charset=utf-8
Content-Type: text/plain; charset=utf-8
< Connection: close
Connection: close

< 
* Closing connection 0

Note the invalid Authorization header. Of course 400 is the proper response, but it's text/plain, of course. Is there some way to configure the Go http parser to use custom error response media types and bodies?

like image 211
theory Avatar asked Aug 21 '17 17:08

theory

1 Answers

You can't. You can find this in net/http source, it only happens if the request was malformed:

https://github.com/golang/go/blob/master/src/net/http/server.go#L1744

I think your problem might be a new line in the header you're adding in curl?

401, 403, 404, 500 errors you'll be able to respond with json, but bad requests or bad headers (too long, malformed) are handled within server.go.

There is at present no way to intercept such errors though it is under consideration, so your only solution in go would be to patch the stdlib source (I don't recommend this). However, since this error only presents if the client has made a mistake and the request is malformed, it's probably not a huge problem. The reason for the text response is so that a browser or similar client (like curl without -v) doesn't just see an empty response. You could put a proxy like nginx in front of your app but then you'd never see the request either as it is a bad request, your proxy would handle it.

Possibly you'd be able to do it with a proxy like nginx in front though if you set a specific static error page for it to serve for 400 errors and serve a 400.json file that you specify? That's the only solution I can think of. A directive something like this might work for nginx:

error_page 400 /400.json;

If you'd like to be able to customise these errors, perhaps add a comment to the issue linked to let them know you had this specific problem.

like image 199
Kenny Grant Avatar answered Sep 30 '22 15:09

Kenny Grant
Sign in to Comment

Related questions

docker-node: Running as non-root user, file permissions
how to read file outside codeigniter folder
inject implementation to a single multi-function interface class - many CRTP classes?
How to get the HTTP response body using chromedp?
Getting java.lang.NoSuchMethodException: Property 'xx' has no setter method in class 'class xx' while using PropertyUtils.setSimpleProperty function
Why does dbms_sql.parse containing incorrect PL/SQL block with bind variables succeed unexpectedly?
Function naming for R packages
How to efficiently draw a polygon with multiple holes?
Sort array in VBA
Is there a way to disable Thymeleaf, or only enable for certain REST calls?
Google Cloud ML Engine GPU Utilization
Should I be checking in these gradle files?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!