http - REST response code for invalid data - Stack Overflow
70 captures
09 Jun 2012 - 20 Dec 2025
Sep
OCT
Nov
11
2015
2016
2017
success
fail
About this capture
COLLECTED BY
Organization:
Internet Archive
These crawls are part of an effort to archive pages as they are created and archive the pages that they refer to. That way, as the pages that are referenced are changed or taken from the web, a link to the version that was live when the page was written will be preserved.
Then the Internet Archive hopes that references to these archived pages will be put in place of a link that would be otherwise be broken, or a companion link to allow people to see what was originally intended by a page's authors.
The goal is to
fix all broken links on the web
Crawls of supported "No More 404" sites.
Collection:
Wikipedia Near Real Time (from IRC)
This is a collection of web page captures from links added to, or changed on, Wikipedia pages. The idea is to bring a reliability to Wikipedia outlinks so that if the pages referenced by Wikipedia articles are changed, or go away, a reader can permanently find what was originally referred to.
This is part of the Internet Archive's attempt to
rid the web of broken links
TIMESTAMPS
The Wayback Machine - https://web.archive.org/web/20161011011239/https://stackoverflow.com/questions/6123425/rest-response-code-for-invalid-data
current community
chat
Stack Overflow
Meta Stack Overflow
your communities
or
to customize your list.
more stack exchange communities
company blog
Stack Exchange
Inbox
Reputation and Badges
tour
help
Tour
Start here for a quick overview of the site
Detailed answers to any questions you might have
Meta
Discuss the workings and policies of this site
Learn more about Stack Overflow the company
Business
Learn more about hiring developers or posting ads with us
Stack Overflow
Questions
Jobs
Documentation
Tags
Users
Badges
Ask Question
Dismiss
Join the Stack Overflow Community
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.
Join them; it only takes a minute:
REST response code for invalid data
up vote
120
down vote
favorite
27
What response code should be passed to client in case of following scenarios?
Invalid data passed while user registration like wrong email format
User name/ Email is already exists
I chose 403. I also found following that I feel can be used.
Wikipedia:
412 Precondition Failed :
The server does not meet one of the preconditions that the requester
put on the request
Suggest code if I should use other than 403.
http
rest
jax-rs
share
improve this question
edited
Mar 5 '14 at 23:51
Kowser
4,949
22
50
asked
May 25 '11 at 11:03
Amit Patel
5,295
13
38
80
Possible duplicate:
stackoverflow.com/questions/3050518/…
Genjo
Aug 29 at 10:34
add a comment
4 Answers
active
oldest
votes
up vote
129
down vote
accepted
400 is the best choice in both cases. If you want to further clarify the error you can either change the Reason Phrase or include a body to explain the error.
412 - Precondition failed is used for conditional requests when using last-modified date and ETags.
403 - Forbidden is used when the server wishes to prevent access to a resource.
The only other choice that is possible is 422 - Unprocessable entity.
share
improve this answer
answered
May 25 '11 at 11:32
Darrel Miller
85.7k
17
130
196
while it is often used in this context, 403 is not limited to acces control, since rfc2616-10.4.4 says: "The server understood the request, but is refusing to fulfill it. [...] if the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity." The reason can be invalid data. However, 422 is more applicable here.
Yannick Loiseau
May 25 '11 at 14:19
Let's not get caught up in textual criticism. See for example
trac.tools.ietf.org/wg/httpbis/trac/ticket/294
which attempts to clarify that 403 is and was always about authorization.
fumanchu
May 25 '11 at 14:44
@fumanchu Nice catch. A link to a change request that is only 7 hours old :-)
Darrel Miller
May 25 '11 at 15:31
@fumanchu It means 403 should be return in case of user don't have permission to access requested resource. But I think 401 Unauthorized is more appropriate of accessing resource on which user doesn't have permission.
Amit Patel
May 26 '11 at 4:45
@fumanchu It is also stated that "Authorization will not help and the request SHOULD NOT be repeated." for 403. What I understand here is is even you have special privileges/permission, you cannot access resource.
Amit Patel
May 26 '11 at 4:58
show
more comments
up vote
60
down vote
I would recommend 422. It's not part of the main HTTP spec, but it is defined by a public standard (WebDAV) and it should be treated by browsers the same as any other 4xx status code.
From
RFC 4918
The 422 (Unprocessable Entity) status code means the server understands the content type of the request entity (hence a 415(Unsupported Media Type) status code is inappropriate), and the syntax of the request entity is correct (thus a 400 (Bad Request) status code is inappropriate) but was unable to process the contained instructions. For example, this error condition may occur if an XML request body contains well-formed (i.e., syntactically correct), but semantically erroneous, XML instructions.
share
improve this answer
answered
Feb 3 '12 at 16:42
Mike Deck
9,826
50
82
12
Note that the quoted text states that 422 is applicable when the request entity is syntactically well-formed, but semantically erroneous. If the request entity is garbled, 400 is the appropriate response.
Matty K
Aug 20 '12 at 1:59
add a comment
up vote
53
down vote
If the request could not be correctly parsed (including the request entity/body) the appropriate response is
400 Bad Request
].
RFC 4918
states that
422 Unprocessable Entity
is applicable when the request entity is syntactically well-formed, but semantically erroneous. So if the request entity is garbled (like a bad email format) use 400; but if it just doesn't make sense (like
@example.com
) use 422.
If the issue is that, as stated in the question, user name/email already exists, you could use
409 Conflict
] with a description of the conflict, and a hint about how to fix it (in this case, "pick a different user name/email"). However in the spec as written,
403 Forbidden
] can also be used in this case, arguments about HTTP Authorization notwithstanding.
412 Precondition Failed
] is used when a precondition request header (e.g.
If-Match
) that was
supplied by the client
evaluates to false. That is, the client requested something and supplied preconditions, knowing full well that those preconditions might fail. 412 should never be sprung on the client out of the blue, and shouldn't be related to the request entity
per se
share
improve this answer
answered
Aug 20 '12 at 2:29
Matty K
1,994
12
16
I should note the updated HTTP/1.1 RFCs: 400 Bad Request, 409 Conflict, 403 Forbidden etc. live in
tools.ietf.org/html/rfc7231
; 412 Precondition Failed is in
tools.ietf.org/html/rfc7232#section-4.2
Matty K
Jul 3 '14 at 3:49
add a comment
up vote
11
down vote
It is amusing to return
418 I'm a teapot
to requests that are obviously crafted or malicious and "can't happen", such as failing CSRF check or missing request properties.
2.3.2 418 I'm a teapot
Any attempt to brew coffee with a teapot should result in the error
code "418 I'm a teapot". The resulting entity body MAY be short and
stout.
To keep it reasonably serious, I restrict usage of funny error codes to RESTful endpoints that are not directly exposed to the user.
share
improve this answer
answered
Oct 16 '15 at 8:16
doug65536
3,202
17
32
add a comment
Not the answer you're looking for? Browse other questions tagged
http
rest
jax-rs
or
ask your own question
asked
5 years ago
viewed
60801 times
active
12 months ago
Linked
Http response codes for invalid data and data conflict
179
What HTTP status response code should I use if the request is missing a required parameter?
24
Return Mvc.JsonResult plus set Response.StatusCode
HTTP Code for payment accepted/refused in a REST API
HTTP code best suited in case of databse delete restriction due to dependency
Related
3100
PUT vs POST in REST
2373
What exactly is RESTful programming?
391
REST API error return good practices
458
REST HTTP status codes for failed validation or invalid duplicate
Http response codes for invalid data and data conflict
315
How to do authentication with a REST API right? (Browser + Native clients)
Angularjs GET http request to REST server returns 500 (Internal Server Error)
REST response code for existing data
REST response code for accessing a corrupt/invalid resource
RESTful resource returns HTTP 204, yet client displays 200
Hot Network Questions
Why does the race hazard theorem work?
Why isn't the Memory Charm (Obliviate) an Unforgivable Curse?
Why is there a white line on Russian fighter jet's instrument panel?
The Guard Of Fantasy
Asking client for discount on tickets to amusement park
Tenant claims they paid rent in cash and that it was stolen from a mailbox. What should I do?
Premade masteries or choose on the fly?
How can I list two concurrent careers, one full time and one freelance, on a CV?
Should ideal specular multiply light colour with material colour?
How to challenge optimized player with Sharpshooter feat
Can a new platform / cryptocurrency be built on top of Monero?
Find duplicates of a file by content
Why is the TIE fighter tethered in Force Awakens?
15 Balls Sorting
Inserting a DBNull value into a database
Draw an asterisk triangle
Problems with "+" in grep
What is Monero Meta?
PSA: Set `always-confirm-transfers = 1`! Why is this not the default?
Is the sum of two white noise processes also a white noise?
Can I stack an Animated Shield with the Shield spell?
How to prevent contributors from claiming copyright on my LGPL-released software?
Will credit card payment from abroad be suspicious as taxable income?
What am I? Riddle question
more hot questions
question feed
default
tour
help
blog
chat
data
legal
work here
advertising info
mobile
feedback
Technology
Life / Arts
Culture / Recreation
Science
Other
Stack Overflow
Server Fault
Super User
Web Applications
Ask Ubuntu
Webmasters
Game Development
TeX - LaTeX
Programmers
Unix & Linux
Ask Different (Apple)
WordPress Development
Geographic Information Systems
Electrical Engineering
Android Enthusiasts
Information Security
Database Administrators
Drupal Answers
SharePoint
User Experience
Mathematica
Salesforce
ExpressionEngine® Answers
Cryptography
Code Review
Magento
Signal Processing
Raspberry Pi
Programming Puzzles & Code Golf
more (7)
Photography
Science Fiction & Fantasy
Graphic Design
Movies & TV
Music: Practice & Theory
Seasoned Advice (cooking)
Home Improvement
Personal Finance & Money
Academia
more (8)
English Language & Usage
Skeptics
Mi Yodeya (Judaism)
Travel
Christianity
English Language Learners
Japanese Language
Arqade (gaming)
Bicycles
Role-playing Games
Anime & Manga
more (18)
Mathematics
Cross Validated (stats)
Theoretical Computer Science
Physics
MathOverflow
Chemistry
Biology
Computer Science
Philosophy
more (3)
Stack Apps
Meta Stack Exchange
Area 51
Stack Overflow Careers
site design / logo © 2016 Stack Exchange Inc; user contributions licensed under
cc by-sa 3.0
with
attribution required
rev 2016.10.10.4051