orhtej2@eviltoast.org to Programmer Humor@programming.devEnglish · 1 day agoREST my ass 💩eviltoast.orgimagemessage-square63linkfedilinkarrow-up1676arrow-down14
arrow-up1672arrow-down1imageREST my ass 💩eviltoast.orgorhtej2@eviltoast.org to Programmer Humor@programming.devEnglish · 1 day agomessage-square63linkfedilink
minus-squareTomasEkeli@programming.devlinkfedilinkarrow-up33·21 hours agoPlease, please, please, PLEASE return error-codes and problem-details. Here’s the RFC: https://www.rfc-editor.org/rfc/rfc9457.html
minus-squaredouglasg14b@lemmy.worldlinkfedilinkarrow-up2arrow-down1·3 hours agoCounter argument is that error codes and problem details can be used by attackers to reverse engineer and find exploitable parts of a system. Within reason anyways
minus-squareFeathercrown@lemmy.worldlinkfedilinkEnglisharrow-up1·2 hours agoSo can a 200 response with an error description
minus-squareryannathans@aussie.zonelinkfedilinkarrow-up3·9 hours agoIt’s often valid to serve a 200 OK with an error in the application data.
minus-squaredarvit@lemmy.darvit.nllinkfedilinkarrow-up2·10 hours agoThis looks so over-engineered. Most of the time you only need an error message. Make the message clear enough so that it can be shown to the end user.
Please, please, please, PLEASE return error-codes and problem-details.
Here’s the RFC: https://www.rfc-editor.org/rfc/rfc9457.html
Counter argument is that error codes and problem details can be used by attackers to reverse engineer and find exploitable parts of a system.
Within reason anyways
So can a 200 response with an error description
Nightmares.
It’s often valid to serve a 200 OK with an error in the application data.
This looks so over-engineered. Most of the time you only need an error message. Make the message clear enough so that it can be shown to the end user.