Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying error
messages above the form (with HTTP status 200); is it necessary to send
401 status in this case?
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/ 6  2622 
R. Rajesh Jeba Anbiah wrote: Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying
error messages above the form (with HTTP status 200); is it necessary
to send 401 status in this case?
The 401 header is generally only used with REALM authentication. When this
type of authentication isn't used, the HTTP 200 header is more appropriate,
because the page is found and the error is handled on the page itself.
Another reason for using HTTP headers is when the application responses are
interpreted by another application. A quick look at the status then will
give an indication of the success rate, without parsing the response body.
JW
R. Rajesh Jeba Anbiah wrote: Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying error
messages above the form (with HTTP status 200); is it necessary to send
401 status in this case?
A 401 response should only be used if you're using HTTP authentication.
403 Forbidden might be more appropriate here.
--
Toby A Inkster BSc (Hons) ARCS
Contact Me ~ http://tobyinkster.co.uk/contact
Toby Inkster wrote: R. Rajesh Jeba Anbiah wrote:
Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying error
messages above the form (with HTTP status 200); is it necessary to send
401 status in this case?
A 401 response should only be used if you're using HTTP authentication.
403 Forbidden might be more appropriate here.
Thanks for your inputs. I really appreciate it. Thanks again.
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
Janwillem Borleffs wrote: R. Rajesh Jeba Anbiah wrote: Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying
error messages above the form (with HTTP status 200); is it necessary
to send 401 status in this case?
The 401 header is generally only used with REALM authentication. When this
type of authentication isn't used, the HTTP 200 header is more appropriate,
because the page is found and the error is handled on the page itself.
Another reason for using HTTP headers is when the application responses are
interpreted by another application. A quick look at the status then will
give an indication of the success rate, without parsing the response body.
Thanks for your insights. I was wondering if HTTP status code is
necessary in form processing. Thanks again.
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
"R. Rajesh Jeba Anbiah" <ng**********@r ediffmail.com> wrote: Is it necessary or is there any standard to send HTTP header status
for form inputs ? Say, the user is entering invalid password in login
form and now all the applications I have seen are just displaying error
messages above the form (with HTTP status 200); is it necessary to send
401 status in this case?
If you are using the HTTP basic or digest authentication (RFC 2616,
2617) 401 is the correct status code if the authentication failed.
If you are using an application based authentication, you should always
return a 200 status code and a page with a human readable description of
the problem ("Invalid login, please retry. Forgot your password? Click
here!" etc. etc.).
Regards,
___
/_|_\ Umberto Salsi
\/_\/ www.icosaedro.it
Umberto Salsi wrote: "R. Rajesh Jeba Anbiah" <ng**********@r ediffmail.com> wrote:
<snip> If you are using an application based authentication, you should always
return a 200 status code and a page with a human readable description of
the problem
<snip>
Thanks a lot for the explanation; this is what I was confusing with.
Thanks again.
--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: DaRemedy |
last post by:
Hiya, just need help with PHP headers.
I have an index php page which has the following code within a header
redirect:
<?php
if ( empty($_GET) )
if (empty($_GET) )
{
$month = date(n);
|
by: Michael Foord |
last post by:
#!/usr/bin/python -u
# 15-09-04
# v1.0.0
# auth_example.py
# A simple script manually demonstrating basic authentication.
# Copyright Michael Foord
# Free to use, modify and relicense.
# No warranty express or implied for the accuracy, fitness to purpose
|
by: turnit \(removethis\) |
last post by:
I have a login form that uses the post method to carry the
information to the next page. The form works just fine in
ie6.0, but fails in mozilla and fails in ie5.2 on a
mac. "HTTP/1.1 400 Bad Request" was the original error msg
now that I reinstalled iislockdown and urscan I get "The
parameter is incorrect." If I use the get method with this
form it works just fine on everything. I can't say for
certain but I think this problem started...
|
by: Ronald Fischer |
last post by:
Could someone explain to me what is the difference between
<!ENTITY % Foo 'Bar' >
and
<!ENTITY Foo 'Bar' >
From my understanding, the "macro" Foo has to be referenced in
the first case by %Foo; and in the second case by &Foo; , but
|
by: Vivek Mehta |
last post by:
I want to receive XML stream generated at another URL however when I
try to load the XML it errors out with one error or the other. I
beleive this XML comes back with HTTP header which actually comes back
as part of the response and obviously causes the
xmlDoc.Load(myResponseStream) to break because the test preceding the
XML makes the xml invalid.
How can I remove this content from the receiving XML stream ?? Here is
some sample code :
| | |
by: Darklight |
last post by:
Q6: Write a function that accepts two strings. Count the number of
characters in each, and return a pointer to the longer string.
and please comment
/* LEN_STRING.C PROGRAM TO RETURN LONGEST STRING */
#include<stdio.h>
#include<string.h>
void length(char , char );
|
by: webEater |
last post by:
Hey,
I am writing a file that reads in an external file in the web and
prints it out including the response header of the http protocol. I do
this to enable cross domain XMLHttpRequests.
I implemented it via fsockopen, like this:
<?
$url = $_REQUEST; // take the param as $uri
//... more ...
|
by: john |
last post by:
To test a new piece of software designed to help with (among other
things) eCommerce WWW site development. The software is fairly easy to
use but you must fit a profile. Retail price is 120 GBP and I'll email
full releases to anyone who helps FOC of course:
Profile:
I'm looking for someone who fits a profile -
You must be willing to spend some time with the software and report back
|
by: =?Utf-8?B?UGF1bA==?= |
last post by:
I am using ASP.Net 2.0 and VB.Net (although C#is ok also).
I want to create an object/method/function that will take a URL as an input
parameter and then return all of the HTML in that page.
I also want to return the HTTP header information (response object).
Does anyone have an insight as to any code samples or .Net objects I would
use to accomplish this?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look !
Part I. Meaning of...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
| | |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |
