Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What is the correct HTTP status code for a child entity that is not found?

Tags:

http

Say I've got a resource

/Products/123

And each Product has an associated Supplier entity in the back end database. POST and PUT requests must specify a supplier ID, which is then used to fetch a Supplier entity from the database.

What should be returned if a user issues a PUT /Products/123, which is found, but includes a bad Supplier ID, which is not?

404 Not Found with a message specifying which resource wasn't found?

409 Conflict?

like image 899
BCA Avatar asked Feb 09 '17 11:02

BCA

People also ask

What is the HTTP status code for data not found?

The HTTP 404 Not Found response status code indicates that the server cannot find the requested resource. Links that lead to a 404 page are often called broken or dead links and can be subject to link rot. A 404 status code only indicates that the resource is missing: not whether the absence is temporary or permanent.

What is the status code for entity or URL not found?

If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.

What is 204 status code HTTP?

The HTTP 204 No Content success status response code indicates that a request has succeeded, but that the client doesn't need to navigate away from its current page.

When should I use HTTP 404?

Error Code 404 The web site hosting server will typically generate a "404 Not Found" web page when a user attempts to follow a broken or dead link.

Video Answer

2 Answers

The 404 status code may not be right choice because the resource that has not been found is not the target of your request:

6.5.4. 404 Not Found

The 404 (Not Found) status code indicates that the origin server did not find a current representation for the target resource or is not willing to disclose that one exists. A 404 status code does not indicate whether this lack of representation is temporary or permanent; the 410 (Gone) status code is preferred over 404 if the origin server knows, presumably through some configurable means, that the condition is likely to be permanent.

The 409 status code might be suitable for this situation, but is not be the best choice (I wouldn't define this situation as a conflict):

6.5.8. 409 Conflict

The 409 (Conflict) status code indicates that the request could not be completed due to a conflict with the current state of the target resource. This code is used in situations where the user might be able to resolve the conflict and resubmit the request. The server SHOULD generate a payload that includes enough information for a user to recognize the source of the conflict. [..]

I would go for 422 status code with a clear description in the response payload:

11.2. 422 Unprocessable Entity

The 422 (Unprocessable Entity) status code means the server understands the content type of the request entity (hence a 415 (Unsupported Media Type) status code is inappropriate), and the syntax of the request entity is correct (thus a 400 (Bad Request) status code is inappropriate) but was unable to process the contained instructions. For example, this error condition may occur if an XML request body contains well-formed (i.e., syntactically correct), but semantically erroneous, XML instructions.

If 422 doesn't work for you, use the generic 400:

6.5.1. 400 Bad Request

The 400 (Bad Request) status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

The following diagram (extracted from this page) is pretty insightful when it comes to picking the most suitable 4xx status code:

Picking the right 4xx status code

like image 101
cassiomolin Avatar answered Oct 28 '22 13:10

cassiomolin

I don't believe that there is a correct answer for this question (unless some REST purist can shed some light) but we currently use (or abuse...) HTTP 400 (Bad Request) with an additional HTTP Header explaining the error (i.e. X-Error: Invalid supplier ID). However a HTTP 422 would also be a good alternative. Statuses 404 or 409 would be confusing since there is no clear way to specify that the response is about a sub-resource.

like image 39
Tasos P. Avatar answered Oct 28 '22 14:10

Tasos P.
Sign in to Comment

Related questions

Postman getting 404 error for simple ASP.NET Core Web API
java.lang.NoClassDefFoundError: Failed resolution of: Lorg/apache/http/params/BasicHttpParams;
Flutter Dart - How to send a Post Request using HttpClient()
In a gofiber POST request how can I parse the request body?
Why do I need to explicitly output the HTTP header for IIS but not Apache?
PHP How To Send Raw HTTP Packet
Examining AJAX HTTP requests using Web Inspector
Will data order in post form be the same to it in web form?
Which browsers' back button does not generate request to the server?
Is Transport security a bad practice for the WCF service over the Internet?
Unit testing cookies in PHP
Send http request to server without expecting a response
How do I accept the SSL certificates when connecting using F#?
Prefer charset declaration in HTML meta tag or HTTP header?
How to block external http requests? (securing AJAX calls)
In Java servlet, cookie.getMaxAge() always returns -1
Rails return all 404 and 500 errors as JSON
Gitlab 6.2 asking for username and password authentication when pushing to origin
Java embedded jetty is accepting HTTP TRACE method
How to get custom response header in angular 2?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!