> Well, is there any point of detailing the specific offending field names? > The bad text received? To the consumer in the response error message, > or strictly to the logs?
I don't think it's too important in the response. > We should log (once) the cause of a 400, but are the details interesting? > Or is it enough to report that a bad field name, a bad header value etc > caused the fault without any sprintf() style processing? Kind of difficult to talk about in the abstract. I can't say the cause needs to be "clear" in the logs but I think the offending data (line if it's line-based even if we could already be lost for bad input) and some hint about what we were expecting or didn't like.
