What are suitable response codes and messages for:
?, /
break stuff in URL parameters
At present, we use 400 for all.
2xx successful – the request was successfully received, understood, and accepted.
3xx redirection – further action needs to be taken in order to complete the request.
4xx client error – the request contains bad syntax or cannot be fulfilled.
5xx server error – the server failed to fulfil an apparently valid request.
Perhaps the most common status code returned is 200. It simply means that the request was received, understood, and is being processed, whereas the 201 status code indicates that a request was successful and a resource was created as a result.
503: “The server is unavailable to handle this request right now.” The request cannot be completed at this point in time. This code may be returned by an overloaded server that is unable to handle additional requests.
Cases 1, 2 and 3 in your question are essentially syntactic errors in the request
=> 400 Bad Request
(RFC 2616 says: The request could not be understood by the server due to malformed syntax.)
As to case 4:
a. Invalid credentials
=> 401 Unauthorized
b. Repeating already-done action
=> 403 Forbidden
(The RFC says: The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated.)
But then 409 Conflict and 410 Gone make sense when trying to modify stuff incorrectly (PUT) or accessing resources already deleted, respectively.
And here is RFC 2616 Section 10.
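The mapping from the answer above, as an added example that is not part of the original answer: a Python function that returns the status for one request. The users, orders, `id` parameter and version check are constructed assumptions, and the 404 branch is a case the answer does not cover.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Constructed in-memory state for this example; none of it comes from the page.
USERS = {"alice": "correct-horse"}
ORDERS = {1: {"confirmed": False, "version": 3},
          2: {"confirmed": True, "version": 1}}
DELETED_IDS = {7}


def parse_order_id(url):
    """Return the single numeric 'id' parameter, or None if the query is malformed."""
    try:
        params = parse_qs(urlsplit(url).query, strict_parsing=True)
    except ValueError:                      # e.g. a field without '='
        return None
    values = params.get("id", [])
    if len(values) != 1 or not (values[0].isascii() and values[0].isdigit()):
        return None                         # missing, repeated, or non-numeric id
    return int(values[0])


def status_for(method, url, auth=None, if_version=None):
    """Map one request to (status, reason) using the answer's choices."""
    order_id = parse_order_id(url)
    if order_id is None:
        return 400, "Bad Request"           # syntactic error in the request
    user, password = auth or ("", "")
    expected = USERS.get(user, "")
    # Constant-time comparison; authenticate before touching resource state so
    # unauthenticated callers cannot probe which ids exist.
    if not expected or not hmac.compare_digest(password.encode(), expected.encode()):
        return 401, "Unauthorized"          # invalid credentials
    if order_id in DELETED_IDS:
        return 410, "Gone"                  # resource already deleted
    order = ORDERS.get(order_id)
    if order is None:
        return 404, "Not Found"             # not covered by the answer
    if method == "POST" and order["confirmed"]:
        return 403, "Forbidden"             # repeating an already-done action
    if method == "PUT" and if_version != order["version"]:
        return 409, "Conflict"              # modifying with stale state
    return 200, "OK"
```

A stray `?` or `/` inside the `id` value, as in `/orders?id=1?x=/`, ends up in the parsed value and is rejected with 400 before any credential or resource check runs.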