REST response code for accessing a corrupt/invalid resource
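What is the best HTTP status code to use in response to an HTTP GET for a resource that is corrupt or semantically invalid?
For example, consider a request to GET /person/1234 where the data for person ID 1234 exists on the server but violates some business rule, so the server refuses to use it.
- 404 doesn't apply (because the data actually exists).
- 4xx in general seems less than ideal (because the problem is on the server side and out of the client's control).
- 503 seems to apply to the service as a whole, not to a particular resource.
- 500 certainly fits, but it is very vague about actually telling the client what might be wrong.
Any suggestions?
According to iana.org: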
4xx: Client Error - The request contains bad syntax or cannot be fulfilled
5xx: Server Error - The server failed to fulfill an apparently valid request
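I think none of the 4xx status codes should be valid as a response to an internal server error or a migration or ... any situation where the client has no responsibility or is expected to recheck user input. Unless the user's pre-filled data is involved, for example the user's package may not allow him to access that data after a predetermined, known date; in that specific case a 403 Forbidden may be valid, as @Bari suggested.
I'm not an expert, but I think that when the server decides to reject the endpoint's data or to treat it as corrupt or invalid, it will depend on what should happen next. I see 3 possible cases:
1. This is expected to be fixed somehow, and the client should be invited to request again, but at some point in the future ==> 503 (Service Unavailable):
The 503 (Service Unavailable) status code indicates that the server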
is currently unable to handle the request due to a temporary overload
or scheduled maintenance, which will likely be alleviated after some
delay. The server MAY send a Retry-After header field
(Section 7.1.3) to suggest an appropriate amount of time for the
client to wait before retrying the request.
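2. Something went wrong and it is not the client's responsibility, but there is an alternative way to access the data, maybe by following a specific process or sending more details ==> 510 Not Extended
2. The server cannot fulfil the request, but there is an alternative way of asking for it that includes more details. Example: when the requested data is corrupt, the server's error response may include a list of older (or unsaved, unversioned) versions of it and expect the client to be more specific about which version to select, so that it can be fetched instead of the corrupted one ==> 510 Not Extended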
510 Not Extended
The policy for accessing the resource has not been met in the
request. The server should send back all the information necessary
for the client to issue an extended request. It is outside the scope
of this specification to specify how the extensions inform the
client.
If the 510 response contains information about extensions that were
not present in the initial request then the client MAY repeat the
request if it has reason to believe it can fulfill the extension
policy by modifying the request according to the information provided
in the 510 response. Otherwise the client MAY present any entity
included in the 510 response to the user, since that entity may
include relevant diagnostic information.
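- Case 2 has been updated to include an example that, IMHO, may fit this situation. But again, I'm not an expert and I may be wrong.
3. There is no alternative, nothing to expect, or none of the other cases applies ==> 500 should be fine
The 500 (Internal Server Error) status code indicates that the server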
encountered an unexpected condition that prevented it from fulfilling
the request.
After reading the comments and the linked resources, @RemyLebeau's approach seems to be the best:
I think 500 is the only official response code that fits this situation. And there is nothing stopping you from including a response body that describes the reason for the failure.
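The three cases from the answer above, as an added example that is not part of the original post: a handler for GET /person/<id> that returns 503 with Retry-After, 510 with the selectable versions, or 500 with a body stating the reason, without echoing the corrupt record. The sample store, the age rule, the `repair_eta` and `older_versions` parameters and the `application/problem+json` body layout are assumptions made for illustration.

```python
import json

# Constructed sample store: person 1234 exists but breaks a business rule.
PEOPLE = {"1": {"name": "Ada", "age": 36}, "1234": {"name": "Bob", "age": -5}}


def is_valid(person):
    # Hypothetical business rule: age is an integer between 0 and 150.
    return isinstance(person.get("age"), int) and 0 <= person["age"] <= 150


def problem(status, title, detail, headers=None, **extra):
    """Build a problem+json error; the corrupt record itself is never echoed."""
    body = {"title": title, "status": status, "detail": detail, **extra}
    hdrs = {"Content-Type": "application/problem+json", **(headers or {})}
    return status, hdrs, json.dumps(body)


def get_person(person_id, repair_eta=None, older_versions=()):
    """Return (status, headers, body) for GET /person/<person_id>.

    repair_eta (seconds) and older_versions (labels) are assumed inputs
    that a storage layer would supply for a record that failed validation.
    """
    person = PEOPLE.get(person_id)
    if person is None:
        return problem(404, "Not Found", "No such person.")
    if is_valid(person):
        return 200, {"Content-Type": "application/json"}, json.dumps(person)
    if repair_eta is not None:
        # Case 1: a fix is expected, so invite the client to retry later.
        return problem(503, "Service Unavailable",
                       "Stored data for this person is being repaired.",
                       headers={"Retry-After": str(repair_eta)})
    if older_versions:
        # Case 2: tell the client which versions it can ask for instead.
        return problem(510, "Not Extended",
                       "Current version failed validation; select a version.",
                       versions=list(older_versions))
    # Case 3: nothing else to offer; 500 with a body that states the reason.
    return problem(500, "Internal Server Error",
                   "Stored data for this person failed server-side validation.")
```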