I have some CGI programs that spit out error pages when the user enters
illegal form input. These custom error pages, while informing the user of
errors, are otherwise just standard web pages.
Is there a disadvantage to not spitting out a 404 error? I assume 404 isn't
just another webpage, but carries with it the information that an error
occured---in so simple a manner that it could be used for e.g. link
checking.
TIA,
S 14 3811
sinister wrote: [snip]
404 is a HTTP header, which should be sent when a file can't be found. I
think your error page has a different meaning.
--
Anne van Kesteren
<http://www.annevankesteren.nl/>
"sinister" <si******@nospam.invalid> wrote in message
news:eA***************@nwrddc02.gnilink.net... I have some CGI programs that spit out error pages when the user enters illegal form input. These custom error pages, while informing the user of errors, are otherwise just standard web pages.
Is there a disadvantage to not spitting out a 404 error? I assume 404
isn't just another webpage, but carries with it the information that an error occured---in so simple a manner that it could be used for e.g. link checking.
HTTP status codes are just that--HTTP status codes. They tell the browser
the outcome of its HTTP request for a resource (page, image file, whatever),
such as:
whether the resource is being returned as asked (200)
whether the browser needs to look elsewhere for the
resource it requested (a client-side redirect, 302)
whether the browser needs to be authenticated
before the page will be provided (401)
whether authentication has failed (403)
whether the URL refers to a non-existent resource (404)
In your situation, you are asking about an *application* error. There was no
*HTTP* error: the server correctly found the resource you requested, which
is, after all, the resource (web page) that determined that the form input
was bad. The correct HTTP status code to be return in this situation is 200.
sinister wrote: I have some CGI programs that spit out error pages when the user enters illegal form input. These custom error pages, while informing the user of errors, are otherwise just standard web pages.
Is there a disadvantage to not spitting out a 404 error? I assume 404 isn't just another webpage, but carries with it the information that an error occured---in so simple a manner that it could be used for e.g. link checking.
404 says a _specific_ error has occurred, i.e. that the requested resource
could not be found.
You would be better of picking the appropriate error message for the
generated error. http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html
--
David Dorward <http://dorward.me.uk/>
"sinister" <si******@nospam.invalid> wrote in message
news:eA***************@nwrddc02.gnilink.net... I have some CGI programs that spit out error pages when the user enters illegal form input. These custom error pages, while informing the user of errors, are otherwise just standard web pages.
Is there a disadvantage to not spitting out a 404 error? I assume 404
isn't just another webpage, but carries with it the information that an error occured---in so simple a manner that it could be used for e.g. link checking.
TIA,
S
Thanks to AVK, DD, HM for prompt, useful replies. (Seems to be a productive
group.)
"Harlan Messinger" <h.*********@comcast.net> wrote in message
news:bq*************@ID-114100.news.uni-berlin.de... "sinister" <si******@nospam.invalid> wrote in message news:eA***************@nwrddc02.gnilink.net... I have some CGI programs that spit out error pages when the user enters illegal form input. These custom error pages, while informing the user
of errors, are otherwise just standard web pages.
Is there a disadvantage to not spitting out a 404 error? I assume 404 isn't just another webpage, but carries with it the information that an error occured---in so simple a manner that it could be used for e.g. link checking.
HTTP status codes are just that--HTTP status codes. They tell the browser the outcome of its HTTP request for a resource (page, image file,
whatever), such as:
whether the resource is being returned as asked (200)
whether the browser needs to look elsewhere for the resource it requested (a client-side redirect, 302)
whether the browser needs to be authenticated before the page will be provided (401)
whether authentication has failed (403)
whether the URL refers to a non-existent resource (404)
In your situation, you are asking about an *application* error. There was
no *HTTP* error: the server correctly found the resource you requested, which is, after all, the resource (web page) that determined that the form input was bad. The correct HTTP status code to be return in this situation is
200.
That sounds reasonable---it's not an HTTP error, so just return the
customized page as I've been doing.
Thanks.
On Wed, 3 Dec 2003 14:36:34 -0500,
"Harlan Messinger" <h.*********@comcast.net> wrote: In your situation, you are asking about an *application* error. There was no *HTTP* error: the server correctly found the resource you requested, which is, after all, the resource (web page) that determined that the form input was bad. The correct HTTP status code to be return in this situation is 200.
Or perhaps a different response, one indicating a user error, rather
than an all was fine response, when it wasn't.
Perhaps some of the other 400 series errors mentioned at:
<http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html>?
e.g. 10.4.1 400 Bad Request
The request could not be understood by the server due
to malformed syntax. The client SHOULD NOT repeat the
request without modifications.
I suppose it'd depend on whether you considered a client's mistake to be
a creation of an "error" at the server, even if not an HTTP error.
--
My "from" address is totally fake. (Hint: If I wanted e-mails from
complete strangers, I'd have put a real one, there.) Reply to usenet
postings in the same place as you read the message you're replying to.
On Wed, 03 Dec 2003 19:12:10 GMT,
"sinister" <si******@nospam.invalid> wrote: I have some CGI programs that spit out error pages when the user enters illegal form input. These custom error pages, while informing the user of errors, are otherwise just standard web pages.
Depending on the nature of the error, that'd be correct.
Is there a disadvantage to not spitting out a 404 error? I assume 404 isn't just another webpage, but carries with it the information that an error occurred---in so simple a manner that it could be used for e.g. link checking.
A 404 response is a HTTP error message, which can also include a HTML
page (such as an explanation, or some help to work around the problem).
The 404 HTTP response is for the browser to know that an error has
occurred, and perhaps warn the surfer about it (it's also for the
benefit of any other non-web browser user-agent). The written HTML,
that may come with it, is for the surfer's benefit.
--
My "from" address is totally fake. (Hint: If I wanted e-mails from
complete strangers, I'd have put a real one, there.) Reply to usenet
postings in the same place as you read the message you're replying to.
"Tim" <ad***@sheerhell.lan> wrote in message
news:da********************************@4ax.com... On Wed, 3 Dec 2003 14:36:34 -0500, "Harlan Messinger" <h.*********@comcast.net> wrote:
In your situation, you are asking about an *application* error. There
was no *HTTP* error: the server correctly found the resource you requested,
which is, after all, the resource (web page) that determined that the form
input was bad. The correct HTTP status code to be return in this situation is
200. Or perhaps a different response, one indicating a user error, rather than an all was fine response, when it wasn't.
Perhaps some of the other 400 series errors mentioned at: <http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html>?
e.g. 10.4.1 400 Bad Request
The request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.
An HTTP 400 status code means that the server can't respond to the request.
In the case at hand, the HTTP request is fine and the server is responding
to it just fine, passing back to the client whatever stream the web resource
requested produces. The server understands the request just fine, and it
finds the page that is being requested.
Why would you *want* your user to see a generic 400 error instead of a
message produced by your application telling him what his error is and
giving him a chance to correct it? I suppose it'd depend on whether you considered a client's mistake to be a creation of an "error" at the server, even if not an HTTP error.
It isn't open to personal discretion. An error in data input to the
application is not an HTTP communication error. Of course, you can do what
you want. No one is going to put you in jail. I'm speaking in terms of the
correct use of the status codes.
On Fri, 5 Dec 2003, Harlan Messinger wrote: It isn't open to personal discretion.
Hmmm...
An error in data input to the application is not an HTTP communication error.
In the WWW *model* that we're discussing here, there _is_ no
"application" as such: there is a client, and it communicates with a
server black box by presenting an opaque token (the URL). The error
as communicated by HTTP is the final result of presenting that opaque
token to the black box.
Your "application" is no more than an internal detail of the server
implementation, as far as this WWW model is concerned.
I stand by my conclusion that if the server decides that a well-formed
request has been presented, but no productive content has been found
for fulfilling that request, then 404 is an approprate status return.
With, of course, appropriate body content to explain the situation.
The onus is on any WWW-conforming web client[1] to present that body
content to the client user.
cheers
[1] I guess we all know what that includes. And excludes.
"Alan J. Flavell" <fl*****@ph.gla.ac.uk> wrote in message
news:Pi*******************************@ppepc56.ph. gla.ac.uk... On Fri, 5 Dec 2003, Harlan Messinger wrote:
It isn't open to personal discretion. Hmmm...
An error in data input to the application is not an HTTP communication error.
In the WWW *model* that we're discussing here, there _is_ no "application" as such: there is a client, and it communicates with a server black box by presenting an opaque token (the URL). The error as communicated by HTTP is the final result of presenting that opaque token to the black box.
Your "application" is no more than an internal detail of the server implementation, as far as this WWW model is concerned.
I stand by my conclusion that if the server decides that a well-formed request has been presented, but no productive content has been found for fulfilling that request, then 404 is an approprate status return.
I think it's hard to argue that "not found" includes the case of "found, but
the resource that was found wishes it hadn't been" or "found, and wants to
send a response to the user, but wants to pretend that that response had
been pulled out of the server's hind quarters rather than having been
generated by the resource".
I'm not talking about *all* cases where an error was found by a process
sitting on top of the web server rather than by the web server itself. For
example, if you've got a content management system sitting on top of Apache
or IIS, and ask the CMS for a non-existent page: http://www.cms.com/cms-process?page=108452
then the process *ought* to send 404.
With, of course, appropriate body content to explain the situation.
The onus is on any WWW-conforming web client[1] to present that body content to the client user.
Actually, here's another approach to the question: what practical difference
would you expect in the result if a 404 was returned instead of a 200 in
response to invalid form data entry, if you are sending a body back with the
response either way? There ought to be a *point* to sending a 404. What
would you expect the browser to do differently? Why?
On Fri, 5 Dec 2003, Harlan Messinger wrote: In the WWW *model* that we're discussing here, there _is_ no "application" as such: there is a client, and it communicates with a server black box by presenting an opaque token (the URL). The error as communicated by HTTP is the final result of presenting that opaque token to the black box.
[...] I think it's hard to argue that "not found" includes the case of "found, but the resource that was found wishes it hadn't been"
You don't seem to have grasped the concept of the black box. The
requested resource was _not_ found. The fact that the CGI script was
invoked is a mere internal detail.
You might as well claim that a request for /foo/bar.html (assuming the
conventional static situation) was "found" if the corresponding foo
subdirectory was found, even though it didn't happen to contain the
file bar.html. It's still 404 not found.
Actually, here's another approach to the question: what practical difference would you expect in the result if a 404 was returned instead of a 200 in response to invalid form data entry, if you are sending a body back with the response either way? There ought to be a *point* to sending a 404. What would you expect the browser to do differently? Why?
Hint: not all HTTP clients are browsers.
"Alan J. Flavell" <fl*****@ph.gla.ac.uk> wrote in message
news:Pi*******************************@ppepc56.ph. gla.ac.uk... On Fri, 5 Dec 2003, Harlan Messinger wrote:
In the WWW *model* that we're discussing here, there _is_ no "application" as such: there is a client, and it communicates with a server black box by presenting an opaque token (the URL). The error as communicated by HTTP is the final result of presenting that opaque token to the black box. [...] I think it's hard to argue that "not found" includes the case of "found,
but the resource that was found wishes it hadn't been"
You don't seem to have grasped the concept of the black box. The requested resource was _not_ found.
Yes. It was.
The fact that the CGI script was invoked is a mere internal detail.
No, it's not, because the CGI script produced a meaningful result that is
correct for the request. You might as well claim that a request for /foo/bar.html (assuming the conventional static situation) was "found" if the corresponding foo subdirectory was found, even though it didn't happen to contain the file bar.html. It's still 404 not found.
Not the same thing. Actually, here's another approach to the question: what practical difference would you expect in the result if a 404 was returned instead of a 200 in response to invalid form data entry, if you are sending a body back with the response either way? There ought to be a *point* to sending a 404. What would you expect the browser to do differently? Why?
Hint: not all HTTP clients are browsers.
How helpful is picking at my overly generic use of the word "browser" in
answering my question?
Harlan Messinger wrote: Why would you *want* your user to see a generic 400 error instead of a message produced by your application telling him what his error is and giving him a chance to correct it?
There is nothing preventing one from sending an HTTP error code _and_ a
custom HTML document as the body part of the response (of course if the
body (including linked files - like images) is less then about 5k, MSIE
will decide its not helpful enough and replace it with a 'friendly' error
page - so include a nice image to boost the file size :D)
--
David Dorward <http://dorward.me.uk/>
"David Dorward" <do*****@yahoo.com> wrote in message
news:bq*******************@news.demon.co.uk... Harlan Messinger wrote:
Why would you *want* your user to see a generic 400 error instead of a message produced by your application telling him what his error is and giving him a chance to correct it?
There is nothing preventing one from sending an HTTP error code _and_ a custom HTML document as the body part of the response (of course if the body (including linked files - like images) is less then about 5k, MSIE will decide its not helpful enough and replace it with a 'friendly' error page - so include a nice image to boost the file size :D)
Is that how it works? So "friendly", those MS people. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Anthony England |
last post by:
Everyone knows that global variables get re-set in an mdb when an un-handled
error is encountered, but it seems that this also happens when the variable
is defined as private at form-level.
So...
|
by: Sky |
last post by:
Although I've been using C# for the last month or so, and accepting out of
blind faith the ViewState, I do have some nagging questions about it... can
you help verify the following statements?
...
|
by: John Lau |
last post by:
Hi,
I am looking at the MS KB Article 306355: HOW TO: Create Custom Error
Reporting Pages in ASP.NET by Using Visual C# .NET
This article describes how to redirect errors to a custom html...
|
by: Russ |
last post by:
I've been trying to get my head around this for 3 days now and it
seems like everything I try does not work for one reason or another.
I built a test page using the TabStrip and MultiPage controls....
|
by: Nick Horrocks |
last post by:
I have set up a custom error page for 404 errors.
However the HTTP status code returned is 302 followed by 200, this causes
search engines not to remove old pages from their index.
How can I...
|
by: Rhys666 |
last post by:
OK, an issue I've come across before, but never found a cause for or
resolution of, has decided to become the bane of my life again with ASP.Net
Custom Error Pages.
Basically, my web application...
|
by: dee |
last post by:
Hi
In web.config I have to the following:
<configuration>
<system.web>
<customErrors defaultRedirect="error.htm" mode="On" />
</system.web>
</configuration>
|
by: Matt |
last post by:
Can anyone give me a good reason to use BOTH application scope Page_Error
and the page scope Page_Error when trapping errors in a web application? Is
there any real benefit to using the Page_Error...
|
by: Mr Newbie |
last post by:
I'm testing error handling configurations and having some trouble. I created
a WebForm called. ErrDefault.aspx and I am trying to use the Page error
attribute to force the redirection to a custom...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
| |