vendredi 30 janvier 2015

HTTP service API error message best practise


Vote count:

0




For a error case when calling some HTTP Rest service API, the response is as follows:



{
"statusCode": "400",
"error": "Bad Request",
"message": "Can not construct instance of java.math.BigDecimal from String value 'a': not a valid representation\n at [Source: org.apache.cxf.transport.http.AbstractHTTPDestination$1@2f650e17; line: 1, column: 2] (through reference chain: com.foo.services.dto.request.ItemToUpdate[\"quantity\"])",
"validation": {
"source": "PAYLOAD",
"keys": ["key"]
},
"errorIdentifiers": [],
}


I am wondering if the message field in the response is appropriate. It does reveal certain level of implementation to the end user. Is this considered as



  1. no particular problem at all

  2. just a bad cosmetic issue that won't cause serious problem, just not readable to end user

  3. potential security risk that definitely needs to be fixed



asked 32 secs ago

ccy

280






HTTP service API error message best practise

Aucun commentaire:

Enregistrer un commentaire