Timeline for Error messages and security concerns
Current License: CC BY-SA 4.0
14 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 12, 2021 at 9:49 | comment | added | wobbily_col | @thank you JimmyJames. That is the sort of level I am looking at. The other answers have been helpful, but basically what I had already guessed through common sense. | |
| Mar 11, 2021 at 17:22 | comment | added | JimmyJames | You've already got a lot of answers here but one thing to keep in mind is that returning 403 can be used to 'feel around' a website looking for targets. For that reason the RFC states that you can use 404 instead. I've also seen some services (e.g. AWS) doing the opposite: returning 403 instead of 404. | |
| Mar 11, 2021 at 10:35 | answer | added | Philipp | timeline score: 1 | |
| Mar 11, 2021 at 10:10 | history | edited | wobbily_col | CC BY-SA 4.0 | added 43 characters in body |
| Mar 10, 2021 at 18:00 | history | tweeted | twitter.com/StackSoftEng/status/1369709640938893313 | ||
| Mar 4, 2021 at 23:28 | answer | added | Jake | timeline score: 1 | |
| Mar 4, 2021 at 15:45 | comment | added | wobbily_col | No. I was more interested in how much information is acceptable to be returned, or what would cause problems. | |
| Mar 4, 2021 at 11:36 | answer | added | Flater | timeline score: 5 | |
| Mar 4, 2021 at 11:25 | review | Close votes | |||
| Mar 9, 2021 at 3:03 | |||||
| Mar 4, 2021 at 11:14 | answer | added | Borjab | timeline score: 2 | |
| Mar 4, 2021 at 11:05 | comment | added | gnat | Does this answer your question? Should HTTP status codes be used to represent business logic errors on a server? | |
| Mar 4, 2021 at 10:59 | answer | added | f222 | timeline score: 2 | |
| Mar 4, 2021 at 10:53 | answer | added | Ewan | timeline score: 6 | |
| Mar 4, 2021 at 10:48 | history | asked | wobbily_col | CC BY-SA 4.0 |