- From: Mark Nottingham <mnot@mnot.net>
- Date: Sat, 4 Apr 2026 08:47:14 +1100
- To: HTTP Working Group <ietf-http-wg@w3.org>
I'll be more specific. Does anyone see a reason not to use 419? I'd argue that if we allow a single framework to squat on a code successfully, we're going to be running out of codes very very soon. Cheers, > On 4 Apr 2026, at 8:14 am, Mark Nottingham <mnot@mnot.net> wrote: > > <https://github.com/httpwg/http-extensions/issues/3410> > > A specific status code needs to be selected. > > The initial draft suggests one in the 4xx range. That seems to be appropriate given the semantics desired (whether broad or narrow; see #3409). > > If that holds, we should select a code that is unregistered and relatively unused. > > The next unassigned 4xx status code is 419. No use is documented in MDN or wikipedia, but I see a few resources that mention a single PHP framework is squatting on it to indicate that a session token is expired. > > What do people think? > > Cheers, > > -- > Mark Nottingham https://www.mnot.net/ > > -- Mark Nottingham https://www.mnot.net/
Received on Friday, 3 April 2026 21:47:22 UTC