由于乐观锁定失败而使用哪个HTTP状态代码来拒绝PUT [英] Which HTTP status code to use to reject a PUT due to optimistic locking failure
问题描述
假设我想实现某种乐观锁定并使用ETag来指示最新的资源状态。这意味着,当 PUT ting进行更新时,客户将使用 If-Match 标头。
Assume I'd like to implement some kind of optimistic locking and use ETags to indicate the most up to date resource state. This means, clients will use an If-Match header when PUTting for an update.
根据 HTTP规范,服务器必须返回 412前提条件失败如果为 If-Match 标头提供的ETag与当前状态不匹配资源。
According to the HTTP spec, the server has to return 412 Precondition failed if the ETag provided for the If-Match header doesn't match the current state of the resource.
但是, 409 Conflict 似乎更接近我想要在语义上表达的内容,特别是因为它给出了在响应中包含的指南。
However, 409 Conflict seems to be closer to what I want to express semantically, especially as it gives guidelines what to include in the response.
如果未能匹配 If-Match 409 是非常错误的c $ c>标题?
Is it terribly wrong to rather return 409 in case of a failure to match an ETag provided in an If-Match header?
推荐答案
从您的链接到规范:
如果没有实体标签匹配,或者如果给出*并且不存在当前实体,则服务器必须不执行所请求的方法,并且必须返回412(Precondition Failed)响应。当客户端想要阻止更新方法(例如PUT)修改自客户端上次检索它以来已更改的资源时,此行为最有用。
If none of the entity tags match, or if "*" is given and no current entity exists, the server MUST NOT perform the requested method, and MUST return a 412 (Precondition Failed) response. This behavior is most useful when the client wants to prevent an updating method, such as PUT, from modifying a resource that has changed since the client last retrieved it.
因为规范需要HTTP 412(实际上它使用必须),并且因为很明显它们恰好考虑了正在讨论的用例,所以HTTP 412似乎是正确的响应代码。
Because the spec requires an HTTP 412 (indeed it uses "MUST"), and because it's clear that they accounted for precisely the use case under discussion, an HTTP 412 seems like the proper response code.
412无论如何都是非常合理的。请求说有条件地进行更新。 412说条件失败,所以服务不会这样做。特别是因为412是条件请求概念的良好匹配; 409似乎会附加一种特定的拒绝,这可能是也可能不是有条件的。例如,我可以看到一个服务返回409以响应无条件请求发布内部冲突的内容。
412 is pretty reasonable anyway. The request says to do the update conditionally. The 412 says that the condition failed, so the service won't do it. Especially since 412 is a good match for the concept of conditional requests; 409 would seem to attach to a specific sort of refusal, which may or may not be conditional in nature. For example, I could see a service returning a 409 in response to an unconditional request to POST something with an internal conflict.
但请参阅以下内容,同样来自规范:
But see the following, also from the spec:
10.4.10 409冲突
由于与资源的当前状态发生冲突,无法完成请求。只有在预期用户可能能够解决冲突并重新提交请求的情况下,才允许使用此代码。响应主体应该包含足够的信息供用户识别冲突的来源。理想情况下,响应实体将包含足够的信息供用户或用户代理解决问题;但是,这可能是不可能的,也不是必需的。
The request could not be completed due to a conflict with the current state of the resource. This code is only allowed in situations where it is expected that the user might be able to resolve the conflict and resubmit the request. The response body SHOULD include enough information for the user to recognize the source of the conflict. Ideally, the response entity would include enough information for the user or user agent to fix the problem; however, that might not be possible and is not required.
最有可能发生冲突以响应PUT请求。例如,如果正在使用版本控制并且包含PUT的实体更改为与早期(第三方)请求所产生的资源冲突的资源,则服务器可能会使用409响应来指示它无法完成请求。在这种情况下,响应实体可能包含由响应Content-Type定义的格式的两个版本之间的差异列表。
Conflicts are most likely to occur in response to a PUT request. For example, if versioning were being used and the entity being PUT included changes to a resource which conflict with those made by an earlier (third-party) request, the server might use the 409 response to indicate that it can't complete the request. In this case, the response entity would likely contain a list of the differences between the two versions in a format defined by the response Content-Type.
无论如何,规范似乎在条件请求上下文中需要412,同时暗示版本冲突是409s的关键驱动因素。可能会在版本冲突发生的地方使用409作为无条件请求的一部分。
Anyway the spec seems to require a 412 in conditional request contexts, while suggesting that version conflicts are a key driver for 409s. It might be that the 409 would be used where the version conflict occurs as part of an unconditional request.
这篇关于由于乐观锁定失败而使用哪个HTTP状态代码来拒绝PUT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
