[wp-trac] Re: [WordPress Trac] #6076: Incorrect use of HTTP status code 500

WordPress Trac wp-trac at lists.automattic.com
Tue May 6 02:51:13 GMT 2008


#6076: Incorrect use of  HTTP status code 500
-------------------------+--------------------------------------------------
 Reporter:  runeh        |        Owner:  westi   
     Type:  defect       |       Status:  assigned
 Priority:  normal       |    Milestone:  2.6     
Component:  General      |      Version:  2.3.2   
 Severity:  normal       |   Resolution:          
 Keywords:  needs-patch  |  
-------------------------+--------------------------------------------------
Changes (by guillep2k):

 * cc: guillep2k (added)

Comment:

 Personally, I don't think any status codes different from 200 would be
 correct, since at HTTP level you're actually delivering the requested page
 (i.e., the results of the user providing login credentials). 4xx error
 codes are (again according to my opinion) for HTTP errors (e.g., 400/Bad
 Request is for a malformed HTTP request, like invalid usage of headers)
 and not for application level errors. Using HTTP (transport) error codes
 to reflect ''application'' statuses seems to me like mixing design layers.
 Proxies and user agents act upon these errors and may choose '''not to
 show''' the user your provided HTTP response body but replace it for a
 body of their own.

 Nevertheless, 500 is obviously wrong. 403 is meant to reflect the fact
 that access is forbidden, ''despite any credentials you may provide'' (so,
 403 is semantically incorrect). The correct code should be 401, but that's
 for the HTTP protocol, not the Wordpress application. You know what
 happens if you send back a 401 status: the user agent (browser) will ask
 for credentials and attempt basic authentication. This is my point as why
 I think we're mixing layers if we pretend to use HTTP codes different from
 200.

 In my opinion, Wordpress shouldn't return anything except: 200 (pages
 served), 404 (custom page not found page) and 303 (to redirect to a
 permalink). See a good article about these codes at Wikipedia
 [http://en.wikipedia.org/wiki/List_of_HTTP_status_codes].

-- 
Ticket URL: <http://trac.wordpress.org/ticket/6076#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list