Showing posts with label forbidden. Show all posts
Showing posts with label forbidden. Show all posts
Friday, March 26, 2010
Consistent HTTP Codes
Does it pay in terms of security to have consistent HTTP error codes returned to the requesting clients? Does it make more sense to return an HTTP 404 when something isn't found and an HTTP 403 when something is forbidden? Or does it make more sense to always use either 404 or 403 exclusively?
Labels:
consistency
,
forbidden
,
http
,
notfound
,
statuscode
Subscribe to:
Posts
(
Atom
)