Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Return 200 http status code on 503 authz response #500

Open
phavekes opened this issue Dec 1, 2024 · 0 comments
Open

Return 200 http status code on 503 authz response #500

phavekes opened this issue Dec 1, 2024 · 0 comments

Comments

@phavekes
Copy link
Member

phavekes commented Dec 1, 2024

This issue is imported from pivotal - Originaly created at Jun 13, 2022 by Michiel Kodde

Body communicates the 503 (forbidden) error. While the http status code should be 200. Maybe re-using the status codes for both constructions is somewhat confusing here.

Rationale: the HTTP response is not forbidden (hence the 200 code) but the application authorization check resulted in a forbidden status code.

HTTP requests and application logic should be seen as being on separate layers. And should not intermingle like we do now.

@phavekes phavekes self-assigned this Dec 1, 2024
@phavekes phavekes added this to Stepup Dec 1, 2024
@github-project-automation github-project-automation bot moved this to New in Stepup Dec 1, 2024
@phavekes phavekes removed their assignment Dec 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: New
Development

No branches or pull requests

1 participant