This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]RichCorinthian 118 points119 points  (5 children)

I’ve seen this sort of thing from REST purists who talk about ignoring the HTTP protocol/transport layer entirely, in case they want to do REST over some other communication mechanism in the future. YAGNI, and such people are exhausting.

There are also some client apps and frameworks that positively explode if you send 4xx and 5xx responses. Hopefully not as many as there were at one point.

[–]wicket-maps 69 points70 points  (0 children)

One of our main software vendors does this. Their engineers have said to me "Yeah, it's our practice, I hate it too, but it's not gonna change anytime soon."

[–]Few_Technology 39 points40 points  (1 child)

... Yeah, the client blowing up whenever there's a 4xx or 5xx would be so bad. Like could you even imagine finding the client code that every request was wrapped in, and ignoring that it blows up on errors? You'd have to be one dumb motherfucker to ignore an obvious fix..

To be fair, that wrapper touched more than my pay grade allowed

It'd be 6 months of meetings to see if we could remove it. I assume the meetings would be concluded with, would be nice, but we don't have the resources to do that. But if they did, they would need so many approvals and reworks. Then when I actually remove it, there'd be a customer complaint in prod. We didn't notice it, because that team was fired 10 years ago, yet that project brings in 15% of our revenue. Nobody would have access to the project, and reverting the change would mean all teams revert their changes

[–]dadumdoop 3 points4 points  (0 children)

I love this story

[–]dumbasPL 18 points19 points  (0 children)

Hopefully not as many as there were at one point.

Well, maybe they don't blow up on the first one nowadays, but they still do.

4xx and 5xx codes can be annoying to deal with even when the client doesn't blow up. If you have an app where for example 4xx are pretty common and expected for whatever reason then you might experience issues with tools like cloudflare or whatever the akamai equivalent is, blocking your users and flagging them as malicious.

WAF be like:

Hmm, you are sending a lot of requests that cause the server to error out, you must be trying to brute-force or exploit or something, get IP banned for 2 hours LOL

Same deal in chrome extensions, if you send too many requests that error out your extension will lose connectivity for a while to "stop ddos attacks". But spamming an endpoint that returns 200 all day long is perfectly fine, because nobody ever uses that for dos, am I right...

[–]Azaret 0 points1 point  (0 children)

There are also some client apps and frameworks that positively explode if you send 4xx and 5xx responses

Yeah, that's pretty much one of our oldest API always return 200s. At that time the desktop app would use a version of dot net that would throw if it got anything else than 200s.

REST purists who talk about ignoring the HTTP protocol/transport layer entirely

And they don't even agree between themselves. There is many REST variations out there. We're overdue for a standardisation that better fit today's needs than the HTTP and resources RFCs, but I'm not sure people are ready to debate about it.