Re: p2: scope for status codes

On 20/04/2013 9:14 p.m., Mark Nottingham wrote:
> Several status codes are defined in terms of indicating the server's intent, without specifying what kind of server it is.
>
> I believe there are several that we can make more specific without too much controversy. Specifically,
>
>    406 Not Acceptable
>    409 Conflict

Note: Squid uses 409 Conflict to signal CVE-2009-0801 validation 
mismatch between DNS, TCP and HTTP state as reason for messages being 
rejected. It is a client-end error and more expressive of the semantic 
problem than 400 or 500.

>    500 Internal Service Error

Disagree strongly with 500. It is intentionally the generic "server" 
error to be sent by any server for edge case internal errors.

>
> can, I think, all be specified as being from the origin server.
>
> And, if we are still OK with 403 Forbidden being generated by both origins and intermediaries, it may be helpful to explicitly state that.

Agreed on that.


Amos

Received on Sunday, 21 April 2013 02:33:11 UTC