On 10 Nov 2010, at 14:42, Dan Poirier wrote: > If multiple response statuses would be valid for a request (e.g. 403, > 413), is there any standard on how to pick one? I looked through RFC > 2616 but didn't see anything. Or is it just an implementation detail?
This was subject of a fair bit of debate at the time; and from what I recall it was tried to reduce this to a non issue (i.e. letting the implementor make the call) by fairly carefully having the 2x/3x and 4x meaning right (success, retry with extra info and no-go) - along with making sure that the higher numbers are increasingly more narrow in their scope - with the assumption that implementors would only use those if the semantics where truly applicable and 'actionable' by a client. Guess that does not answer the question - but in your example 403 (forbidden) vs 413 (too large) - one probably wants to ask the question - is there anything the client can do (perhaps change some POST/form parameter to reduce the requested size) - or is it purely forbidden because if its size. If it is the first I'd do a 413 (so smarter clients can reduce what they get) and distinguish it form a 403 lost case - while if it is the latter - a 403 will be more meaningful to a wider range of clients. Hope that helps, Dw
