|
Soricidus posted:I helped debug a thing today where it turned out the third party api returned 200 application/json in all cases, but if there was an error then sometimes the content was not in fact json hello do you work with our intranet team? Any request that you route through our internal portal that fails will get silently replaced with an http500 so you can get stupid poo poo like you post json expecting json back but actually you get html wrapping a 500
|
#
?
Sep 21, 2018 10:14
|
|
|
|
| # ? Apr 19, 2024 07:22 |
|
|
hmm i guess the grass isnt always greener on the other side..
|
|
#
?
Sep 21, 2018 10:44
|
|
|
there’s always more and it’s always worse
|
|
#
?
Sep 21, 2018 10:48
|
|
|
Chalks posted:It depends how you define your endpoint. If the functionality is "create this user or return details of the user if it already exists" it's not an error condition if it already exists. Something can "fail" to do what the user is attempting, without being an error as long as it's an anticipated part of your process flow. yes, but that kind of case isn’t what the other side is talking about I’m talking about poo poo like getting a 200 if you provide incorrect credentials, which is a textbook loving 401. I’d also accept 403. not 200. and the server still claims it sent you application/json even though the content is the bare text “invalid credentials”
|
|
#
?
Sep 21, 2018 11:32
|
|
|
Soricidus posted:yes, but that kind of case isn’t what the other side is talking about Yeah, sorry, not trying to strawman - 401 for invalid credentials is correct, especially when most API interactions are done via tokens and invalid tokens are a programming issue not a user issue.
|
|
#
?
Sep 21, 2018 12:03
|
|
|
redleader posted:so what do you return if the request is well formed but invalid (because of rules like, i dunno, the caller passes an email address without an @)? i tend to use 400, but that diagram seems to reserve 400 for malformed requests and doesn't seem to offer any advice for this situation 400 is the general catch-all if nothing else fits. Like some folks would say "what your content-type is isn't application/json, it's application/my-custom-format+json and if the e-mail is invalid, that's a breakage of the expected document type so you get a 400 and it's fair since you didn't submit the right content-type". I tend to think that this is kind of acceptable as an interpretation, like there's a difference between content-encoding and the expected content itself, but you can take that leeway to force 400s onto people submitting "syntactically valid but semantically invalid" requests. In that chart you have a bit of an annoyance because the 400 check becomes before the content-length checks, which isn't great since you may need the body to be parsed in order to return the 400. I think the first few ones could have their orders switched to reflect that at no cost. If you look at other frameworks, they tend to be more liberal with 400s while keeping the same workflow overall. https://ninenines.eu/docs/en/cowboy/2.4/guide/rest_flowcharts/ is an alternative flowchart representation for a similar framework but works more tightly from the HTTP Verbs. You'll find that any unsuccessful callback applying a PUT or POST change (AcceptCallback in the chart) will return a 400. If the code crashes, then it generates a 5xx from it. anatoliy pltkrvkay posted:can we talk about how wonderful the 506 word salad is The 'variants' here refer to either different content-type (i.e. a text could be served as text, HTML, or PDF) or language (French, English, Spanish). This was a really big hopeful spot around the semantic web where browsers and servers could negotiate the best and most appropriate content for everyone based on their local preferences and capabilities. It would be returned in alternate headers through a 300 multiple choices when various acceptable representations are in place. It could also be a thing they planned could be facilitated by 'smart caching proxies' that could do all that clever negotiation on-behalf of dumber backend servers. This is kind of critical because it can yield a scenario where a 'variant resource' itself re-forwards to one of the proxies or other variant resources. When that happens, you have a circular dependency that can never resolve. That is when 506 is in theory supposed to be used. Nobody uses it because the semantic web is mostly dead, and when multiple variants exist servers just pick the top one according to accept headers as the one result to return. Plus HTTPS/TLS everywhere drastically reduces the number of fancy proxies people get aside from within a larger org where certs may be shared on one front-end more or less safely, and HTTP2 requiring TLS+ALPN almost end-to-end makes it even harder (few servers seem to support HTTP/1.1 -> HTTP/2 upgrade paths without ALPN negotiation it seems), so it's not really poised to make a comeback either. MononcQc fucked around with this message at 14:21 on Sep 21, 2018 |
|
#
?
Sep 21, 2018 14:18
|
|
|
the talent deficit posted:basically mean you did something wrong and trying again won't work (unless it's a 429 Too Many Requests, which should really be a 5xx error) so go figure your poo poo out. The equivalent for a server-side overload would be 503 (Service unavailable), which can also specify a retry-after header for the client. The distinction lets you know who's to blame for the overload, basically. 429 is a good way to show that the status codes don't necessarily point at "can or can't retry", but rather "who's to blame for a query that failed". It just happens that often, if the client is to blame, they can't safely retry. 404 is kind of funnier there because it blames the client for asking for an unknown resource, but maybe the server should be to blame for not having it?
|
|
#
?
Sep 21, 2018 14:29
|
|
|
Chalks posted:But then you have errors like "there's already a user registered with this email address" and things like that. 400 error codes for "you're using the API wrong" are fine, but 400 codes as standard application flow seem wrong to me. Soricidus posted:yes, but that kind of case isn’t what the other side is talking about invalid credentials is always 401. 403 is valid creds but unauthorized action (i.e. the user doesn't have permission to do the thing). for something like invalid data (email already in use, password criteria not met, phone format invalid, etc...) you throw back some kind of 400 cause the request is invalid. its up to the client to handle it properly. for trash like javascript http codes don't really mean anything because you cant automate how the user deals with the response. if its a 200 with a body that says error or a 400 with a message that says error, you handle it the same and display it to the user and they decide what to do. Where http codes do matter is automation. Then something like a 400 always indicates a failure since theres no human to correct the input, so the client can act based on error codes. Since the api will be used by both humans and computers, you design it for the computer first since the human doesn't or cant care about the technical details.
|
|
#
?
Sep 21, 2018 14:30
|
|
|
folks, is it good or bad to have a, say 12 case long switch statement wherein each case calls a function however, whether or not this function does something or instead has the helpful comment "not implemented!" is seemingly at random i want to say bad
|
|
#
?
Sep 21, 2018 14:34
|
|
|
turn it into a hashmap of functions and do a dispatch based on that (if it finds the function)
|
|
#
?
Sep 21, 2018 14:36
|
|
|
AggressivelyStupid posted:It's a bunch of EEs and poo poo and like they can do C and know how to design and build hardware and whatnot but uh Depending on how "new" it is, it might be based off of Eclipse, at which point you can just download Eclipse and use CW's compilers. It's a MUCH nicer upgrade.
|
|
#
?
Sep 21, 2018 14:39
|
|
|
also when I say 200 or 400 I really mean the appropriate 2xx or 4xx code.
|
|
#
?
Sep 21, 2018 14:41
|
|
|
My thought was just cluster the actually useful functions (there are two, I think) and have the rest just fall through It's all related to NMEA sentences, I want to say we're primarily interested in the GSV and GGA sentences, but I'm still scanning through this abomination its all plain old c ratbert90 posted:Depending on how "new" it is, it might be based off of Eclipse, at which point you can just download Eclipse and use CW's compilers. It's a MUCH nicer upgrade. 5.9.0 classic IDE AggressivelyStupid fucked around with this message at 14:57 on Sep 21, 2018 |
|
#
?
Sep 21, 2018 14:42
|
|
|
redleader posted:so what do you return if the request is well formed but invalid (because of rules like, i dunno, the caller passes an email address without an @)? i tend to use 400, but that diagram seems to reserve 400 for malformed requests and doesn't seem to offer any advice for this situation use 422 Unprocessable Entity https://tools.ietf.org/html/rfc4918#section-11.2
|
|
#
?
Sep 21, 2018 16:37
|
|
|
necrotic posted:use 422 Unprocessable Entity This is a WEBDAV extension, which has kind of been obsoleted by the latest HTTP RFC 7231 (https://tools.ietf.org/html/rfc7231#section-6.5.1). Basically the order goes: RFC 2068 (HTTP/1.1 v1): The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. RFC 2616 (HTTP/1.1 v2, unchanged here): The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications. RFC 4918 (HTTP/1.1 // WEBDAV): The 422 (Unprocessable Entity) status code means the server understands the content type of the request entity (hence a 415(Unsupported Media Type) status code is inappropriate), and the syntax of the request entity is correct (thus a 400 (Bad Request) status code is inappropriate) but was unable to process the contained instructions. For example, this error condition may occur if an XML request body contains well-formed (i.e., syntactically correct), but semantically erroneous, XML instructions. RFC 7231 (HTTP/1.1 v3, final form evolved from HTTPBis efforts): The 400 (Bad Request) status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). WEBDAV worked around the restrictive nature of previous RFCs that really focused on 'syntax' wholesale. But the latest spec relaxed what 400 allowed so that you should feel alright using it now, since it is really redefined as "the server thinks the client is to blame therefore 400". In spirit, that was the reason WEBDAV defined a new status. It is still valid to use, but its rationale (400 is too strict) no longer really applies. HTTP revisions are kind of poo poo, 4 of them all use 1.1 as a version but coexist in at least 4 distinct standards.
|
|
#
?
Sep 21, 2018 16:49
|
|
|
AggressivelyStupid posted:My thought was just cluster the actually useful functions (there are two, I think) and have the rest just fall through Jesus christ. 
|
|
#
?
Sep 21, 2018 16:54
|
|
|
They should add status code 420 (Bad Decision by CEO)
|
|
#
?
Sep 21, 2018 17:03
|
|
|
digging through this we're doing some weird homegrown string splitting for the NMEA sentences and I'm pretty sure we could just make a copy of the string and use strtok and clean up a few hundred lines in this 4600 line file
|
|
#
?
Sep 21, 2018 17:29
|
|
|
mystes posted:They should add status code 420 (Bad Decision by CEO) Http 69: nice
|
|
#
?
Sep 21, 2018 17:32
|
|
|
yeah wow this http status code discussion sure is riveting What are you guys using for Rust IDE? I've just been using vscode, but sounds like some of you were using a jetbrains IDE, but which one??
|
|
#
?
Sep 21, 2018 18:05
|
|
|
Finster Dexter posted:yeah wow this http status code discussion sure is riveting nothing. I'm not using Rust.
|
|
#
?
Sep 21, 2018 18:07
|
|
|
akadajet posted:nothing. I'm not using Rust. why not
|
|
#
?
Sep 21, 2018 18:10
|
|
|
Finster Dexter posted:why not c# and javascript both exist
|
|
#
?
Sep 21, 2018 18:11
|
|
|
Finster Dexter posted:yeah wow this http status code discussion sure is riveting please don't httpshame in the terrible programming thread
|
|
#
?
Sep 21, 2018 18:17
|
|
|
mystes posted:They should add status code 420 (Bad Decision by CEO) Twitter beat you to it
|
|
#
?
Sep 21, 2018 18:28
|
|
|
Sbt plugin authorship status : god I hate sbtFinster Dexter posted:yeah wow this http status code discussion sure is riveting Intellij. If you have clion you get lldb debugging but otherwise the two are the same. I much prefer intellij to vscode.
|
|
#
?
Sep 21, 2018 18:43
|
|
|
vscode is a childs toy for idiots and javascript programmers (same thing)
|
|
#
?
Sep 21, 2018 19:00
|
|
|
Finster Dexter posted:why not rust is for brain damaged c++ people whove gotten indoctrinated that their #1 job is making the compiler happy. then "wow memory safety, amazing". meanwhile everyone else is 
|
|
#
?
Sep 21, 2018 19:18
|
|
|
gonadic io posted:Intellij. If you have clion you get lldb debugging but otherwise the two are the same. I much prefer intellij to vscode. the java IDE?
|
|
#
?
Sep 21, 2018 19:26
|
|
|
Finster Dexter posted:the java IDE? Yeah. V good rust support.
|
|
#
?
Sep 21, 2018 20:09
|
|
|
yeah intellij does a good job in most languages. it's go support and rust support are great. even supports terraform (with jumping to definitions) and all sorts of other poo poo you wouldn't expect. plus its a real ide, and not some electron-based text editor nightmare
|
|
#
?
Sep 21, 2018 22:43
|
|
|
yeah wow this ide discussion sure is riveting so do you prefer tabs or spaces
|
|
#
?
Sep 22, 2018 02:34
|
|
|
terrible programmer status: writing code to scan dynamically-loaded javascript files for their function names at load time and recording them, so that I can get rid of them later by overwriting them all with undefined
|
|
#
?
Sep 22, 2018 03:17
|
|
|
redleader posted:yeah wow this ide discussion sure is riveting spaces, which isn't even up for debate
|
|
#
?
Sep 22, 2018 03:23
|
|
|
AggressivelyStupid posted:folks, make a class and a bunch of subclasses
|
|
#
?
Sep 22, 2018 03:35
|
|
|
mystes posted:They should add status code 420 (Bad Decision by CEO)
|
|
#
?
Sep 22, 2018 03:36
|
|
|
eschaton posted:make a class and a bunch of subclasses no, this is how you get oop!
|
|
#
?
Sep 22, 2018 03:38
|
|
|
eschaton posted:make a class and a bunch of subclasses this will be hard to do in c Main Paineframe posted:terrible programmer status: writing code to scan dynamically-loaded javascript files for their function names at load time and recording them, so that I can get rid of them later by overwriting them all with undefined this is good, actually
|
|
#
?
Sep 22, 2018 03:43
|
|
|
AggressivelyStupid posted:this will be hard to do in c why?
|
|
#
?
Sep 22, 2018 03:50
|
|
|
|
| # ? Apr 19, 2024 07:22 |
|
|
AggressivelyStupid posted:this will be hard to do in c nah, it’ll be simple and a good exercise especially when you have to choose between static and dynamic dispatch, and implement inheritance
|
|
#
?
Sep 22, 2018 03:54
|
|