[wp-trac] [WordPress Trac] #6076: Incorrect use of HTTP status code
500
WordPress Trac
wp-trac at lists.automattic.com
Mon Mar 3 14:53:45 GMT 2008
#6076: Incorrect use of HTTP status code 500
---------------------+------------------------------------------------------
Reporter: runeh | Owner: anonymous
Type: defect | Status: new
Priority: normal | Milestone: 2.6
Component: General | Version: 2.3.2
Severity: normal | Keywords:
---------------------+------------------------------------------------------
When trying to log in using a wrong username or password, Wordpress issues
an HTTP 500 status code, and the request body states that wrong
credentials has been supplied. As I am sure you know, 500 means Internal
Server Error. A more suitable status code to use would be 403 (Forbidden).
The 500 status code is also issued when submitting an empty username or
password. I think 400 (Bad Request) would be a better fit. Both of these
errors are made by the user, not the server, so it stands to reason that
the status codes should be in the 400 range.
I also noted that a 500 status code is issued if a user is commenting to
quickly (as an anti-spam measure). I'm not convinced that 500 is the
correct status to use, however I'm unsure about which status fits best.
Fixing these issues will make Wordpress behave more semantically correct
with regards to the HTTP protocol.
--
Ticket URL: <http://trac.wordpress.org/ticket/6076>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list