问题
We are writing a REST API that's going to be exposed publicly and used by lot of third party developers. I am looking at best practices for http status codes especially in error cases.
Our application has lots of components internally to which the API is the interface. If there are any errors in the internal components, should I return a 500 with appropriate error message ?
When going through SO, I found some blogs / SO threads which suggested different ways but none of them had a concrete answer.
Any help on this is greatly appreciated.
回答1:
This is highly subjective. Here's my opinion, having written several moderately complex APIs.
Realize that HTTP status codes won't map neatly to the kinds of errors your internal components will return. They weren't designed to.
The basic rule to follow is 200 is OK, anything else is an error.
I use essentially only these 4 non-OK status codes:
400 = bad request. The caller sent invalid request parameters. 401 = unauthorized. The caller lacks permissions to make the request. 404 = not found. The caller requested a resource that could not be found or does not exist. 500 = internal server error. Everything else. Something bad happened and the caller probably can't do anything about itt.
That's it for HTTP status codes, as far as I'm concerned.
But I don't stop there. I always return a JSON response that contains my own error code, message, and -- in test environments -- stack trace. My error code is a number that callers can program against, as needed. That's the real error code, as far as I'm concerned.
回答2:
Here is the list of codes for best api practices.
codes = Array(
100 => 'Continue',
101 => 'Switching Protocols',
200 => 'OK',
201 => 'Created',
202 => 'Accepted',
203 => 'Non-Authoritative Information',
204 => 'No Content',
205 => 'Reset Content',
206 => 'Partial Content',
300 => 'Multiple Choices',
301 => 'Moved Permanently',
302 => 'Found',
303 => 'See Other',
304 => 'Not Modified',
305 => 'Use Proxy',
306 => '(Unused)',
307 => 'Temporary Redirect',
400 => 'Bad Request',
401 => 'Unauthorized',
402 => 'Payment Required',
403 => 'Forbidden',
404 => 'Not Found',
405 => 'Method Not Allowed',
406 => 'Not Acceptable',
407 => 'Proxy Authentication Required',
408 => 'Request Timeout',
409 => 'Conflict',
410 => 'Gone',
411 => 'Length Required',
412 => 'Precondition Failed',
413 => 'Request Entity Too Large',
414 => 'Request-URI Too Long',
415 => 'Unsupported Media Type',
416 => 'Requested Range Not Satisfiable',
417 => 'Expectation Failed',
500 => 'Internal Server Error',
501 => 'Not Implemented',
502 => 'Bad Gateway',
503 => 'Service Unavailable',
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported'
);
回答3:
Most useful request status code :
- Code 100: Informational
- Code 200: Success
- Code 300: Redirection
- Code 400: Client Error
- Code 500: Server Error
来源:https://stackoverflow.com/questions/43602325/rest-api-http-status-code-best-practices