Old classic
=> More informations about this toot | More toots from nikitonsky@mastodon.online
@nikitonsky This needs a content warning
=> More informations about this toot | More toots from tvaughan@mastodon.social
Ага, это ВК так делает. Я его апи по большей части у себя скопирую, но вот это не скопирую
=> More informations about this toot | More toots from grishka@friends.grishka.me
@nikitonsky triggering ptsd 😳
First company I worked as an iOS engineer for used to have this behavior for all their APIs 🙄🤦🏻♂️
Tried time and again to have it changed, to no avail.
=> More informations about this toot | More toots from fmarini@mastodon.social
@nikitonsky graphQL or?
=> More informations about this toot | More toots from griotspeak@soc.mod-12.com
@nikitonsky Even better:
{"status": 500}
=> More informations about this toot | More toots from dasdom@chaos.social
@nikitonsky this but its SSO logs
=> More informations about this toot | More toots from rooneymcnibnug@mastodon.social
@nikitonsky
And for the people dealing with geospatial data there is always the fun with #OGC web services like WMS which “traditionally“ report an error with HTTP 200 and some XML describing the error :-/
=> More informations about this toot | More toots from stranljip@social.tchncs.de
@stranljip @nikitonsky I had an infrastructure vulnerability scanner flag a client's server as running some dodgy, ancient service. (Adobe Media Server perhaps). Client was rightly annoyed, as they didn't use it. Turns out the scanner had picked up the reported server version, which was spoofed by another vendor's product.
Also appreciated that Nessus could show me why it reported something, where McAfee obfuscated everything.
=> More informations about this toot | More toots from tim_lavoie@cosocial.ca
@stranljip @nikitonsky Oh, and the other vendor product did have some message in the body, once you look for it. Ugh.
=> More informations about this toot | More toots from tim_lavoie@cosocial.ca
@nikitonsky
=> More informations about this toot | More toots from da_667@infosec.exchange
@nikitonsky we put it both into the HTTP code and the response once, to ease client development.
=> More informations about this toot | More toots from mirabilos@toot.mirbsd.org
@nikitonsky @sashag GraphQL has entered the chat
=> More informations about this toot | More toots from ramsey@phpc.social
@nikitonsky @sashag Also, that JSON won’t parse. 🤣
=> More informations about this toot | More toots from ramsey@phpc.social
@ramsey @nikitonsky @sashag Why is that? Looks valid to me..
=> More informations about this toot | More toots from jbiserkov@mas.to
@jbiserkov @nikitonsky @sashag The curly quotes will cause a syntax error. 😉
=> More informations about this toot | More toots from ramsey@phpc.social
@nikitonsky this is so common in orgs that did conversions from SOAP semantics to JSON. Big aughts enterprise software energy.
=> More informations about this toot | More toots from huronbikes@cyberplace.social
@nikitonsky I had to work with an API that usually responds with json but if your request crashes the handler, you get the stacktrace formatted as HTML.
=> More informations about this toot | More toots from hisold@toot.io
@nikitonsky apparently a hot take here... I am that person, though I prefer an integer code (for the machine) and a string (for the logs/developer) instead of a boolean, and most importantly an idiot-proof way to communicate to clients whether they should try again soon (with an exponential backoff) or give up because it'll never work unless they change something in the request, and even better if the code can describe specifically what field/data they should change. I believe the insurmountable chasm here between the different opinions is whether HTTP is the API or is just one of several possible transport layers, but of course that's probably an oversimplification.
=> More informations about this toot | More toots from commodore@discuss.systems
@nikitonsky {"error": "success"}
=> More informations about this toot | More toots from enzet@masto.ai
@nikitonsky Odoo...
=> More informations about this toot | More toots from kirrepic@oc.todon.fr
@nikitonsky Also on the menu:
403 Forbidden, for when you try to access a resource that needs a login.. OR hit the rate limit.
=> More informations about this toot | More toots from jwarlander@mastodon.nu
@nikitonsky {"error":"success"} 😂
=> More informations about this toot | More toots from rabittbol@masto.bike
@nikitonsky The HTTP request went well, but the API call that was carried by the HTTP request returned an error. I see nothing wrong with this.
=> More informations about this toot | More toots from kusalananda@fosstodon.org
@nikitonsky aghhhhhhhh saw such a system recently that did instead of « 401 », « 200 OK » with a payload « user has no rights ».
=> More informations about this toot | More toots from canleaf@mastodon.social
@nikitonsky I wish this classic. Still commonplace at my work. Drives me insane!
=> More informations about this toot | More toots from davewoodx@mastodon.social
@nikitonsky man, every time I see this kind of meme deepens my hate for Microsoft Teams API
=> More informations about this toot | More toots from patrick@o0o.social This content has been proxied by September (3851b).Proxy Information
text/gemini