Vote count:
0
For a error case when calling some HTTP Rest service API, the response is as follows:
{
"statusCode": "400",
"error": "Bad Request",
"message": "Can not construct instance of java.math.BigDecimal from String value 'a': not a valid representation\n at [Source: org.apache.cxf.transport.http.AbstractHTTPDestination$1@2f650e17; line: 1, column: 2] (through reference chain: com.foo.services.dto.request.ItemToUpdate[\"quantity\"])",
"validation": {
"source": "PAYLOAD",
"keys": ["key"]
},
"errorIdentifiers": [],
}
I am wondering if the message
field in the response is appropriate. It does reveal certain level of implementation to the end user. Is this considered as
- no particular problem at all
- just a bad cosmetic issue that won't cause serious problem, just not readable to end user
- potential security risk that definitely needs to be fixed
asked 32 secs ago
HTTP service API error message best practise
Aucun commentaire:
Enregistrer un commentaire