http-status-codes

Today a co-worked used a 550 error on a delete action when the user doesn't have permission which at first looked to me bad because as I'm aware of, that kinda error looks like a client (aka 4xx) error to me and not a server (aka 5xx). When looking at the description, it suggest exactly that it was used correctly. Instead of a 401 error, which I was using with some 'problems' before. Problem of 401 error is : If user A is logged in, and try to do an action that returns a 401 it can suggest that you must 'login' since you don't have valid credentials to access that http resource. Problem with

I have CORS working well with Nginx. The APIs are design to send non 200 status code - example 401, 404 etc - for bad input. The problem is that Chrome cancels / abort the request if it receives a non 200 status code. Due to this reason, I am not able to show the exact error on the Web client. What is the way around for CORS non 200 status code errors? By default Nginx only adds headers for requests it considers successful. You can make it add the header without regard for the response code, by adding the always parameter to your add_header directive, e.g. add_header 'Access-Control-Allow

This is quite an odd question, but I am trying to test the Web.Config settings for custom errors e.g.: <customErrors mode="On"/> <error statusCode="500" redirect="500.html"/> <error statusCode="500.13" redirect="500.13.html"/> </customErrors> Is there anyway I can create a page or intercept the request in the global.asax Application_BeginRequest method that can fake up a response to send to the browser i.e. setup a 500.13 HTTP error status which tells IIS to use the 500.13.html page defined in the Web.Config. Ideally, I'd like to do something like create a page that takes a query string value

Usually, when sending a http status header from PHP, one would send the HTTP header like this: header("HTTP/1.0 404 Not Found"); However, the PHP manual says that for FCGI hosts, one would need to send a "Status" header that is then converted into a HTTP header by the FCGI module: header("Status: 404 Not Found"); I am running apache 2.2 with PHP using mod_fcgi on a Windows 7 machine and sending the header using just header("HTTP/1.0 404 Not Found"); seems to work fine. Is this something that has changed recently? Do I still need to send a Status header for FCGI hosts? Could anyone also confirm

According to http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.2 the only response ever mentioned regarding an HTTP OPTIONS request is a 200. However, there seem to be cases such as when the content-length is 0 that a 204 would be more appropriate. Is it appropriate for an HTTP OPTIONS request to return a 204? Julian Reschke Yes, it can return 204. Or 400. Or 404. There is no general restriction as to what status codes a method can return. Also note that it's time to stop looking at RFC 2616. See http://trac.tools.ietf.org/wg/httpbis/trac/wiki . RFC 2616 says: A 200 response SHOULD...

If a clients sends data in an unsupported media type to a HTTP server, the server answers with status " 415 unsupported media type ". But how to tell the client what media types are supported? Is there a standard or at least a recommended way to do so? Or would it just be written to the response body as text? There is no specification at all for what to do in this case, so expect implementations to be all over the place. (What would be sensible would be if the server's response included something like an Accept: header since that has pretty much the right semantics, if currently in the wrong

I have several pages designed to be called with AJAX - I have them return an abnormal status code if they can't be displayed, and my javascript will show an error box accordingly. For example, if the user is not authenticated or their session has timed out and they try to call one of the AJAX pages, it will return 401 Unathorized . I also have some return 500 Internal Server Error if something really odd happens server-side. What status code should I return if one of these pages was called without required parameters? (and therefore can't return any content). I had a look at the wikipedia