资源的HTTP状态代码尚不可用 [英] HTTP Status Code for Resource not yet available
问题描述
我有一个REST端点接受POST请求以将代码标记为已兑换。代码只能在特定日期之间兑换。
如果有人试图提前兑换代码,我应该如何回复?
我怀疑HTTP 403,Forbidden,是正确的选择,但随后w3c声明请求不应重复而在这种情况下,我会预计请求会在以后重复。
由于与当前
的冲突,请求无法完成资源状态。此代码仅在
预期用户可能能够解决冲突且
重新提交请求的情况下才允许。响应主体应该包含足够的
信息,以便用户识别冲突的来源。
理想情况下,响应实体会为
用户或用户代理提供足够的信息来解决问题;但是,这可能不是
可能并且不是必需的。
403 Forbidden 如果他们试图兑换已经兑换的优惠券更有意义,尽管 410在这种情况下已经完美的接缝。
404 Not Found 并不理想,因为资源确实存在,但是如果您不想使用403指定原因或者出于安全原因想要隐藏资源的存在,则可以使用它。 / p>
如果您使用的是 HATEOAS ,那么您还可以通过仅包含兑换优惠券资源中的超媒体控制(通过 GET 检索)优惠券可以兑换;虽然这不会阻止过度绑定的客户试图兑换它。
I have a REST endpoint accepting a POST request to mark a code as redeemed. The code can only be redeemed between certain dates.
How should I respond if someone attempts to redeem the code early?
I suspect HTTP 403, Forbidden, is the right choice but then the w3c states that "the request SHOULD NOT be repeated" whereas in this case I would anticipate the request being repeated, just at a later date.
The request could not be completed due to a conflict with the current state of the resource. This code is only allowed in situations where it is expected that the user might be able to resolve the conflict and resubmit the request. The response body SHOULD include enough information for the user to recognize the source of the conflict. Ideally, the response entity would include enough information for the user or user agent to fix the problem; however, that might not be possible and is not required.
403 Forbidden makes more sense if they are trying to redeem a coupon that has already been redeemed, though 410 Gone seams elegant in this situation as well.
404 Not Found isn't ideal because the resource does in fact exist, however you can use it if you don't want to specify a reason with the 403 or if you want to hide the existence of the resource for security reasons.
If you are using HATEOAS, then you can also head you clients off at the pass (so to speak) by only including a redeem hypermedia control in the coupon resource (retrieved via a GET) when the coupon can be redeemed; though this won't stop overly bound clients from trying to redeem it anyway.
这篇关于资源的HTTP状态代码尚不可用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
