I'm wondering if it is correct to return HTTP 200 OK
when error on server side occurred with some error inside of response body.
Example:
- We're sending
http GET
- Something unexpected happened on the server side.
- Server returns
http 200 OK
status code with error inside a response (e.g.{"status":"some error occured"}
Is is correct behavior or not? Shouldn't we change status code?
HTTP Is the Protocol handling the transmission of data over the internet.
If that transmission breaks for whatever reason the HTTP error codes tell you why it can't be sent to you.
The data being transmitted is not handled by HTTP Error codes. Only the method of transmission.
HTTP can't say 'Ok, this answer is gobbledigook, but here it is'. it just says
200 OK
.i.e : I've completed my job of getting it to you, the rest is up to you.
I know this has been answered already but I put it in words I can understand. sorry for any repetition.
To clarify, you should use HTTP error codes where they fit with the protocol, and not use HTTP status codes to send business logic errors.
Errors like insufficient balance, no cabs available, bad user/password qualify for HTTP status
200
with application specific error handling in the response body.See this software engineering answer:
Even if I want to return a business logic error as HTTP code there is no such acceptable HTTP error code for that errors rather than using HTTP 200 because it will misrepresent the actual error.
So, HTTP 200 will be good for business logic errors. But all errors which are covered by HTTP error codes should use them.
Basically HTTP 200 means what server correctly processes user request (in case of there is no seats on the plane it is no matter because user request was correctly processed, it can even return just a number of seats available on the plane, so there will be no business logic errors at all or that business logic can be on client side. Business logic error is an abstract meaning, but HTTP error is more definite).
No, this is very incorrect.
HTTP is an application protocol. 200 implies that the response contains a payload that represents the status of the requested resource. An error message usually is not a representation of that resource.
If something goes wrong while processing GET, the right status code is 4xx ("you messed up") or 5xx ("I messed up").
HTTP status codes say something about the HTTP protocol.
HTTP 200
means transmission is OK on the HTTP level (i.e request was technically OK and server was able to respond properly). See this wiki page for a list of all codes and their meaning.HTTP 200 has nothing to do with success or failure of your "business code". In your example the
HTTP 200
is an acceptable status to indicate that your "business code error message" was successfully transferred, provided that no technical issues prevented the business logic to run properly.Alternatively you could let your server respond with
HTTP 5xx
if technical or unrecoverable problems happened on the server. OrHTTP 4xx
if the incoming request had issues (e.g. wrong parameters, unexpected HTTP method...) Again, these all indicate technical errors, whereasHTTP 200
indicates NO technical errors, but makes no guarantee about business logic errors.To summarize: YES it is valid to send error messages (for non-technical issues) in your http response together with HTTP status 200. Whether this applies to your case is up to you. If for instance the client is asking for a file that isn't there, that would be more like a
404
. If there is a misconfiguration on the server that might be a500
. If client asks for a seat on a plane that is booked full, that would be200
and your "implementation" will dictate how to recognise/handle this (e.g. JSON block with a{ "booking","failed" }
)