For a POST or PUT request, in my request payload if a mandatory parameter is missing then, what is the HTTP status code to be returned? - rest

My Request Payload for a POST or PUT request is as follows:
{
  "domainId": 1,
  "roleId": 1,
  "date": "2017-1-5",
  "downloadStatus": "true"
}
All the parameters in the above payload are mandatory. If one or more mandatory parameters are missing in the payload, then which HTTP Status code is to be returned?

From the W3C page related to Status Code Definitions:
10.4.1 400 Bad Request
The request could not be understood by the server due to malformed
syntax. The client SHOULD NOT repeat the request without
modifications.

Related

First REST API POST request succeeds but subsequent calls fail with 400 Bad Request

I am making a POST request to a REST API. This POST call succeeds on the first attempt with an HTTP status 200 and I get the correct result. However, when I make the next and subsequent calls, I get an HTTP 400 Bad Request error. Why is it Bad Request when the previous call succeeded?
When searching Bing, I found out that this could be related to submitting the same request. If I change some parameter in my payload, the call succeeds.
Any thoughts on what could be causing this? Am I missing something in request headers?
This is my POST Call.
POST http://myServer/v1.0/something/queries HTTP/1.1
Host: myServer
Authorization: Bearer some big token
Content-Type: application/json
Content-Length: 72

{
  "field1": {
    "Id": "12345"
  },
  "count": 1
}
In a lot of APIs, POST data is checked to confirm it is not a duplicate. This is important for some types of business logic such as ensuring there is only one user with some email address for example. In your request, I imagine it may be the "Id" field that is causing the HTTP 400 Bad Request since there is already an object with that "Id" in the system.

Which HTTP code should be returned from a REST API?

I'm currently working on a website which has Spring at the backend and AngularJS on the front side. We had a discussion about backend responses to handle the frontend's message dialogs, and I have a question to ask:
Let's say I have an API:
GET : /getstatistics
Request params : fromTime, toTime (in timestamp format)
And if a client makes a request with invalid params like a string, which response code should be returned from the server? HTTP 400 Bad Request and a response body with a message "fromTime and toTime should be in timestamp format", or HTTP 200 with the same message?
I saw some of Google's APIs, for example OAuth; they return code 200 for a request with an invalid access_token, but in our project my opinion is that it should be HTTP 400, because JavaScript has success and error callbacks. Is it better for it to just pop up a red dialog with the message inside, rather than an HTTP 200 code where you still need to check the content of the message?
Any advice and opinions are appreciated.
Thanks!
You should be returning a 400 error for bad request. Check out this reference.
The server cannot or will not process the request due to something
that is perceived to be a client error (e.g., malformed request
syntax, invalid request message framing, or deceptive request
routing).
Please have a look at RFC7231#section-6
A client MUST understand the class of any status code, as indicated by
the first digit
and,
4xx (Client Error): The request contains bad syntax or cannot be
fulfilled
Bad syntax can be something like you've mentioned in your question (making a request with invalid parameters, like a string).
I keep these two references handy whenever I'm designing RESTful APIs, might be helpful for you too:
https://httpstatuses.com/
http://www.restapitutorial.com/httpstatuscodes.html
Yes, you are right, the HTTP code should be 400 in your case. Your discussion here normally should be whether you need to return 400 or 422. For this you can check the accepted response for this SO question: 400 vs 422 response to POST of data
I think it has something to do with how the parameters are used. If you use the resource, then a 404 should return. If the data is simply not valid then we decide to set a 409 Status to the request. It can't fulfill it at 100% because of a missing/invalid parameter.
HTTP Status Code "409 Conflict" was for us a good try because its
definition requires including enough information for the user to
recognize the source of the conflict.
Reference: w3.org/Protocols/
Edit:
In any case, the status code 200 is incorrect here because there is an error. In response, you can then return specific information like this:
{
  "errors": [
    {
      "userMessage": "Sorry, the parameter xxx is not valid",
      "internalMessage": "Invalid Time",
      "code": 34,
      "more info": "http://localhost/"
    }
  ]
}
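The answers in this thread and in the first question on this page can be combined into one server-side check. The following is an added example, not code from any of the posters: it validates the first question's payload and reports problems in the errors-array shape shown above. The field rules, the numeric error codes and the 200 success status are assumptions made for the illustration.

```javascript
// Added example: validate the mandatory-field payload and build the response.
// MANDATORY and its type rules are assumptions inferred from the sample payload.
const MANDATORY = {
  domainId: v => Number.isInteger(v),
  roleId: v => Number.isInteger(v),
  date: v => typeof v === "string" && /^\d{4}-\d{1,2}-\d{1,2}$/.test(v),
  downloadStatus: v => v === "true" || v === "false",
};

// Error codes 1-4 are constructed for this example.
function error(userMessage, internalMessage, code) {
  return { userMessage, internalMessage, code };
}

// rawBody is the request body exactly as received (a string).
function validatePayload(rawBody) {
  let payload;
  try {
    payload = JSON.parse(rawBody);
  } catch (e) {
    // Unparseable body: answer 400 without echoing parser internals.
    return { status: 400, body: { errors: [error("Request body is not valid JSON", "JSON parse failure", 1)] } };
  }
  if (payload === null || typeof payload !== "object" || Array.isArray(payload)) {
    return { status: 400, body: { errors: [error("Request body must be a JSON object", "Wrong top-level type", 2)] } };
  }
  const errors = [];
  for (const [name, isValid] of Object.entries(MANDATORY)) {
    if (!Object.prototype.hasOwnProperty.call(payload, name)) {
      errors.push(error(`Missing mandatory parameter: ${name}`, "Missing field", 3));
    } else if (!isValid(payload[name])) {
      errors.push(error(`Sorry, the parameter ${name} is not valid`, "Invalid value", 4));
    }
  }
  // Report every problem at once so the client can fix the request in one pass.
  return errors.length ? { status: 400, body: { errors } } : { status: 200, body: payload };
}

// Constructed sample: "roleId" is missing and "date" has the wrong shape.
const sample = '{"domainId": 1, "date": "05/01/2017", "downloadStatus": "true"}';
console.log(JSON.stringify(validatePayload(sample), null, 2));
```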

Patch RestCall update a password

I would like to create a patch rest call to update a login or a fullName or an email or a password of a user. And when updating email and password the oldPassword should be provided.
So I get through this solution:
/api/users/{userId} as a URI
with body format :
{
"login": "string",
"fullName": "string",
"email": "string",
"oldPassword": "string",
"newPassword": "string"
}
All body attributes are not required.
Now I am wondering what type of request I should get when sending only oldPassword in the JSON body. Is it 401 Unauthorized?
It should not be a 401; this request should require authentication with an Authenticate header. This should then fail, which would result in a 401.
I think it should be a 400, bad request. Because they are not sending the correct message body.
"The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications."
It should however always contain some sort of explanation (if possible)
Check here for more info on HTTP status codes

REST API GET/POST using jquery AJAX to get node using neo4j graph database

I'm new to REST API (is that really my REST problem?)
I want to get all nodes from Neo4j by using
Cypher
START n = node(*)
return n;
How do I use it if I use the jQuery ajax POST or GET method?
In the docs it recommends
POST http://localhost:7474/db/data/cypher
Accept: application/json
Content-Type: application/json
In my code I write
$.ajax({
    type: "POST",
    url: "http://localhost:7474/db/data/cypher",
    accepts: "application/json",
    dataType: "json",
    contentType: "application/json",
    data: {
        "query" : "start n = node(*) return n",
        "params" : {}
    },
    success: function(data, textStatus, jqXHR){
        alert(textStatus);
    },
    error: function(jqXHR, textStatus, errorThrown){
        alert(textStatus);
    }
});//end of placelist ajax
What's my problem?
The error alert is below
You don't say what kind of error you get, but running exactly the same code as you, I get the following error:
XMLHttpRequest cannot load http://127.0.0.1:7474/db/data/cypher.
Origin http://127.0.0.1:3000 is not allowed by Access-Control-Allow-Origin.
So I am assuming that this is the error you are experiencing.
When performing a cross-domain Ajax call, there are two options:
JSONP, which Neo4J does not support.
Cross-Origin Resource Sharing (CORS). "The basic idea behind CORS is to use custom HTTP headers to allow both the browser and the server to know enough about each other to determine if the request or response should succeed or fail".
The OPTIONS request sent before the POST (preflight request), returns the following headers from the Neo4J REST server:
Access-Control-Allow-Origin:*
Allow:OPTIONS,POST
Server:Jetty(6.1.25)
A crucial header is missing here, namely the Content-Type header. This means that the POST request will fail when this header is sent with the POST request, which is exactly what is happening in your $.ajax() call.
The POST will succeed if you remove the following line
contentType:"application/json",
from your $.ajax() call.
This will prevent jQuery from sending the Content-Type header.
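The behaviour described in this answer follows from the browser's CORS rules: a Content-Type of application/json is outside the safelisted media types, so the browser sends a preflight and requires the response to list content-type in Access-Control-Allow-Headers. The following is an added example, not code from the answer or from Neo4j: a simplified model of that decision for non-credentialed requests, run against the preflight headers quoted above. It considers only the Content-Type request header, and the function names are assumptions.

```javascript
// Added example: simplified model of the browser's CORS checks for a
// non-credentialed request (not a full Fetch-standard implementation).
const SAFE_TYPES = ["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"];
const SAFE_METHODS = ["GET", "HEAD", "POST"];

// Case-insensitive header lookup; returns "" when the header is absent.
function header(headers, name) {
  const hit = Object.entries(headers).find(([k]) => k.toLowerCase() === name);
  return hit ? hit[1].trim() : "";
}

// Split a comma-separated header value into lower-cased tokens.
function tokens(value) {
  return value.split(",").map(s => s.trim().toLowerCase()).filter(Boolean);
}

// True when the Content-Type is outside the CORS-safelisted media types.
function unsafeType(contentType) {
  const mime = (contentType || "").split(";")[0].trim().toLowerCase();
  return mime !== "" && !SAFE_TYPES.includes(mime);
}

function corsDecision(origin, method, contentType, serverHeaders) {
  const preflight = !SAFE_METHODS.includes(method) || unsafeType(contentType);
  const allowOrigin = header(serverHeaders, "access-control-allow-origin");
  if (allowOrigin !== "*" && allowOrigin !== origin) {
    return { preflight, allowed: false, reason: "origin not allowed" };
  }
  if (!preflight) return { preflight, allowed: true, reason: "simple request, no preflight" };
  const methods = tokens(header(serverHeaders, "access-control-allow-methods"));
  if (!SAFE_METHODS.includes(method) && !methods.includes(method.toLowerCase()) && !methods.includes("*")) {
    return { preflight, allowed: false, reason: "method not in Access-Control-Allow-Methods" };
  }
  const allowHeaders = tokens(header(serverHeaders, "access-control-allow-headers"));
  if (unsafeType(contentType) && !allowHeaders.includes("content-type") && !allowHeaders.includes("*")) {
    return { preflight, allowed: false, reason: "content-type not in Access-Control-Allow-Headers" };
  }
  return { preflight, allowed: true, reason: "preflight approved" };
}

// Preflight response headers and origin as quoted in the answer above.
const NEO4J_HEADERS = { "Access-Control-Allow-Origin": "*", "Allow": "OPTIONS,POST", "Server": "Jetty(6.1.25)" };
const ORIGIN = "http://127.0.0.1:3000";
console.log(corsDecision(ORIGIN, "POST", "application/json", NEO4J_HEADERS));
console.log(corsDecision(ORIGIN, "POST", "application/x-www-form-urlencoded; charset=UTF-8", NEO4J_HEADERS));
```

The second call models the request after contentType is removed: the form-encoded media type is safelisted, so no preflight is sent and only Access-Control-Allow-Origin is checked.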

HTTP Status code for malformed POST body

What status code should a REST service return in response to a POST request containing a malformed / unparseable message body?
400 Bad Request
Straight from the specification:
The request could not be understood by the server due to malformed
syntax. The client SHOULD NOT repeat the request without
modifications.
Alternatively, if you need a more specific status you can create your own 4XX status for whatever API you might be designing.
400 - Bad Request
From Hypertext Transfer Protocol -- HTTP/1.1 (RFC-2616):
400 Bad Request
The request could not be understood by the server due to malformed
syntax. The client SHOULD NOT repeat the request without
modifications.
I'd say 412 Precondition Failed