On 2015-01-01 22:41, Tim Bray wrote: > There are a variety of arguments why 403 is a bad choice. To start with, > the RFC [https://tools.ietf.org/html/rfc7231#section-6.5.3] says 403 > “indicates that the server understood the request but refuses to > authorize it.” In fact, if an ISP is under legal pressure, it’s quite > likely the server never got the request, so 403 is just wrong. There’s > another less-formal issue in that 403 is regarded by many practitioners > as “what happens when you respond to a 401 but the server doesn’t like > the response”. > ... That's a bit misleading. "Server" is not the same thing as "Origin Server", so it includes intermediaries. Best regards, JulianReceived on Friday, 2 January 2015 07:30:45 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:14:42 UTC