I'm getting a 4XX client error, I have never come across these before (maybe naively).
This is frustrating me, because my page seems to be working fine but when scanning it for SEO purposes I am getting two 4xx client error in
Put simply, what are they?
The HTTP 1.1 RFC explains and lists all of the 4xx errors.
"The 4xx class of status code is intended for cases in which the client seems to have erred."
Related
we have a application that makes a web service call to Mule ESB and the log shows mostly 500 error code during peak hours and 200 success code during off peak hours. I am not part of the Mule team, but when I talked with them they indicate that this may not be a problem on their side, they are saying nothing is received on their ends.
Now my question is if our application logs show 500 error code, won't that indicate the request has made it to the Mule ESB but was not able to process it or still possible to get 500 error code if the request is lost somewhere due to networking / router issues or similar to that?
The question is totally generic and doesn't provide any insight on the implementation. Then his answer applies to any HTTP response from any implementation and technology, be it Mule, Java Python, etc.
The answer depends on if the server is using the 500 response correctly. If they just answer 500 because it doesn't handle errors correctly then there is nothing you can imply from that.
If 500 is used correctly it is an internal error. If the issue is that they don't receive a proper response from another backend it be argued if there is not a better response code for that like 502 or 504. In any case is that team that manages the app who should troubleshoot the error.
What you can buy sure is that the request reached the application because it responded with an HTTP response.
I have some logic in the web server to find out if the user is trying to do a DoS attack. But what's the correct HTTP response code to return for that? Also what's a good error message I can put in HTTP body to tell the user politely that he's got into the DoS attack path?
But what's the correct HTTP response code to return for that?
RFC 6585 suggests 429 Too Many Requests
The 429 status code indicates that the user has sent too many requests in a given amount of time ("rate limiting").
If the attack has compromised your ability to handle legitimate requests, then to those you might respond with 503 Service Unavailable.
Note the change in semantics - the person sending the bad requests gets a status out of the 4NN Client Error class, while those not at fault get a status from the 5NN Internal Service Error class.
what's a good error message I can put in HTTP body to tell the user politely that he's got into the DoS attack path?
Please stop that?
I am just wondering if 404/400 Responses in a node express app is consider an error and if it will be caught by the error handling middle ware?
I had a hard time finding this in the documentation
In HTTP/1.1, a response code of 400 or higher is considered an error.
However, Express error handling only deals with programming errors, not HTTP errors. If your app detects an error condition and sends back a 400 or 404 response, Express doesn't care (i.e. it won't call the error handler).
I am working in an API . I want to throw detailed error messages to the user. Now i am in a situation to decide what kind of error code should be sent or how to explain user if any error occurs in the application internally. For example if database connection fails , what kind of http status code i want to send to the user ?
Can anyone help ?
An HTTP status code generally refers to the status of the HTTP request itself, not the status of the application handling the request. Therefore, most server-side errors are covered by 500 Internal Server Error. Any additional info about the error should be described in the response body. For APIs, the response body will often be JSON or XML, so you can use those formats for your errors. Something like this:
HTTP/1.1 500 Internal Server Error
[headers]
{"status":"error", "message":"The request failed due to database connectivity."}
There are, however, two cases I can think of when you might want another status code. If the user has requested an API method that is not implemented, you might want a 501 Not Implemented, and when there is a temporary service outage, you can use 503 Service Unavailable.
More info about server-side status codes here.
When building REST web services in .NET, what is the most "RESTful" way of mapping System.ArgumentNullException and System.ArgumentException to HTTP status codes? My first guess would be to use HTTP 400/Bad Request with an appropriate description.What is the recommended best practice when mapping exceptions to HTTP status codes?
In general, the 4xx status codes tell the client that the request failed but may succeed if the request i smodified. The 5xx codes inform the client about problems that where the client has no influence.
So the first distinction you have to make is between 4xx and 5xx codes, i.e. tell the client if it should retry or not.
HTTP 400 "Bad Request" should be used if the request was indeed syntactically malformed, incomplete, contradicting or otherwise basically wrong.
Additionaly it may be a valid default status in the 4xx range, if no other status seems appropriate and you believe the client needs only to modify the request to succeed.
It depends on the context. E.g. an ArgumentNullException could stem from a violated precondition or be an internal server error.
Regards,
tamberg