Should private REST endpoints reveal the parameter names in error messages?

Time:03-30

The question I have is about whether parameter name(s) should be exposed in an error message.

For example, let's say that the public endpoint is https://foo.bar.com/api/results?first=abcd. Its code is supposed to check that the parameter name specified by the user is correct and if it is misspelled, an error should be generated informing the user.

Questions:

  1. Should the error message contain the name of the parameter (first)?
  2. What if the endpoint were private? Should the error message contain the name of the parameter?
  3. In short, should private endpoints reveal the parameter names?

CodePudding user response:

Neither REST nor HTTP care. REST says we should use a uniform interface and standardized messages. HTTP defines standardized responses, and says that responses with Client Error semantics should include

a representation containing an explanation of the error situation, and whether it is a temporary or permanent condition.

It's up to you to decide what explanation of the error situation will be useful, and how it should be represented in the HTTP response.
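
As an added example (not part of the answer above), here is one way to build such a client-error representation for the question's `first` parameter, with the disclosure decision as an explicit switch. The problem-details JSON layout, the function name `check_query`, the `list_accepted` flag and the `accepted_parameters` member are assumptions made for this sketch.

```python
import json
from urllib.parse import urlsplit, parse_qsl

ALLOWED = {"first"}  # parameter name taken from the question's example URL


def check_query(url, allowed=ALLOWED, list_accepted=True):
    """Return (status, headers, body) for the query string of `url`.

    list_accepted is the policy switch the question asks about: whether
    the error body names the parameters the endpoint accepts.
    """
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    sent = [name for name, _ in pairs]
    unknown = sorted(set(sent) - set(allowed))
    if not unknown:
        return 200, {}, ""

    problem = {
        "type": "about:blank",
        "title": "Bad Request",
        "status": 400,
        # Names the client sent are echoed back; the client already knows
        # them. json.dumps below escapes them for the response body.
        "detail": "Unrecognised parameter(s): " + ", ".join(unknown)
                  + ". This is a permanent condition for this request.",
    }
    if list_accepted:
        # Hypothetical extension member: this is the part that reveals
        # the endpoint's own parameter names.
        problem["accepted_parameters"] = sorted(allowed)

    headers = {"Content-Type": "application/problem+json"}
    return 400, headers, json.dumps(problem)


if __name__ == "__main__":
    # Constructed request with the parameter name misspelled.
    for reveal in (True, False):
        print(check_query("https://foo.bar.com/api/results?frist=abcd",
                          list_accepted=reveal))
```

Both variants state what was wrong and that the condition is permanent; only the `list_accepted=True` body discloses the name `first`.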
