在 HTTP 头或响应主体中休息错误消息? ?

我有一个针对 iPhone 和 Android 客户端的 REST 服务。目前我遵循 HTTP 代码200、400、401、403、404、409、500等。

我的问题是,建议在哪里放置错误的原因/说明/原因?RESTAPI 总是像这样在头中包含自定义原因是否更有意义?

< HTTP/1.1 400 Bad Request - Missing Required Parameters.
< Date: Thu, 20 Dec 2012 01:09:06 GMT
< Server: Apache/2.2.22 (Ubuntu)
< Connection: close
< Transfer-Encoding: chunked

还是把它放在经由 JSON 的响应机构里更好?

< HTTP/1.1 400 Bad Request
< Date: Thu, 20 Dec 2012 01:09:06 GMT
< Server: Apache/2.2.22 (Ubuntu)
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: application/json
{ "error" : "Missing Required Parameters" }
92742 次浏览
小开

It is better to have error details in the body. Furthermore, many (most / almost all, eg. WSGI) servers and clients do not support changing the name of the error code - treat them as fixed pairs (so eg. 400 is always "Bad Request" and not "Bad Request - You Forgot To Specify The User ID"). Even if they won't break, they won't care about your special name for specific error code.

小开
最佳答案

Quoting from the HTTP specification for 400.x error codes:

The 4xx class of status code is intended for cases in which the client seems to have erred. Except when responding to a HEAD request, the server SHOULD include an entity containing an explanation of the error situation, and whether it is a temporary or permanent condition. These status codes are applicable to any request method. User agents SHOULD display any included entity to the user.

It is best practice to include the error message as an entity in the body of the HTTP response - be it JSON, plain text, formatted HTML, or whatever other format you may want to utilize.

小开

The error does not belong in the body. It belongs in the Warning header.

The Warning general HTTP header contains information about possible problems with the status of the message.

Reference


提交答案