What HTTP status code should I return when a client posts bad data (e.g. a string when integer was expected)?
I've been using 400 Bad Request, but as I read over the HTTP docs that seems more applicable to HTTP protocol errors.
I'd like to use a status code so that Flash and AJAX clients can distinguish between success, bad data, and server error without having to parse a response.
The HyperText Transfer Protocol (HTTP) 422 Unprocessable Entity response status code indicates that the server understands the content type of the request entity, and the syntax of the request entity is correct, but it was unable to process the contained instructions.
4xx class - Client Error This status code indicates that the client has sent bad data or a malformed request to the server.
A 422 status code occurs when a request is well-formed, however, due to semantic errors it is unable to be processed. This HTTP status was introduced in RFC 4918 and is more specifically geared toward HTTP extensions for Web Distributed Authoring and Versioning (WebDAV).
The HTTP 200 OK success status response code indicates that the request has succeeded. A 200 response is cacheable by default. The meaning of a success depends on the HTTP request method: GET : The resource has been fetched and is transmitted in the message body.
This is exactly what 400 is for. Yes, it's used for bad HTTP protocol usage, but it's not exclusively for that purpose.
I'd really be more inclined to trap the bad data back in the browser when the client hits the submit button.
If not, then I'd return 400 because as the standard says:
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With