英文:
Correct HTTP status code for a resource not found
问题
例如,我需要查找具有以下地址的用户资源 api/user/1。
在这种情况下,我要查找确切的 ID 为 1 的资源,如果资源不存在,则应返回 404。
但是,如果我想查找确切的最新用户资源,而它不存在呢?
例如,使用地址 api/latest-user。
现在应该返回 404 还是带有空结果的 200?
让我困惑的是,在两种情况下,我都在寻找特定的资源,只是在第一种情况下是按 ID 进行查找,而在第二种情况下是按顺序进行查找。
如何使这更容易理解,不会被误解,对客户来说什么更容易理解?
英文:
For example, I need to find User resource with the following address api/user/1.
In this case i am looking for exact resource with ID 1 and if resource does not exist, then 404 should be returned.
But what if I want to find exact latest user resource and it doesn't exist?
For example, with address api/latest-user.
Should 404 be returned now or 200 with empty results?
The thing that confuses me is that in both cases I am looking for a certain resource and if in the first case it is done by ID then in the second by order.
How to make this easier to understand and not to be misunderstood and
what would be more understandable for the client?
答案1
得分: 6
但如果我想找到确切的最新用户资源而它不存在怎么办?例如,使用地址 api/latest-user。现在应该返回 404 还是带有空结果的 200?
所以首先要注意每条消息的含义:
- 404 表示资源没有当前的表示,响应的正文是为什么可能会这样的解释。
- 200 表示资源有当前的表示,响应的正文就是该表示。
状态码很简单:您选择正确描述消息的状态码。挑战在于决定在请求时您的“资源”是否有表示。
即使在数据层中没有相应的实体时,资源具有表示是完全正常的。我们可能有一个“空”的文档,或者没有项目的列表,或者完全由默认值组成的表示。这些都是可以接受的。
搜索结果是一个明显的答案:您询问 Google 或 Stack Overflow 要表示一个文档列表,而此时文档列表为空。因此,我们得到了一个空文档列表的表示,状态码是... 200。
大致来说,200 表示“这是您问题的当前答案”,而 4xx 表示“我现在无法回答您的问题”,而 404 是更具体的一种情况,表示“我现在无法回答您的问题,因为我完全不知道您在说什么”。
示例:
https://www.youtube.com/watch?v=00000
如果我们尝试获取该资源,服务器会返回什么响应?截至今天(2023-05-26),服务器返回的是一个状态码为 200 的响应,其中包含一个文档,上面写着“此视频不再可用”。为什么呢?因为这是资源的当前表示,而 200 状态码告诉 HTTP,响应正文中的表示是资源的表示。
请注意:您的网络浏览器对此一点都不感到困惑。
更大的观念是:状态码是在网络上传输文档领域的元数据。200 告诉我们我们已成功检索到文档。现在我们阅读文档以了解在领域级别发生了什么,根据在成功检索到的文档中找到的信息选择适当的逻辑分支。
或者另一种表达方式:我们不应(通常)为我们专门的应用程序重新利用 HTTP 元数据。
英文:
> But what if I want to find exact latest user resource and it doesn't exist? For example, with address api/latest-user. Should 404 be returned now or 200 with empty results?
So the first thing to pay attention to is the meaning of each message
- 404 the resource has no current representation, and the body of the response is an explanation for why this might be
- 200 the resource has a current representation, and the body of the response is that representation
The status code is easy: you choose the status code that correctly describes the message. The challenging part is deciding whether your "resource" has a representation at the time of the request.
It's perfectly normal for a resource to have a representation even when there are no corresponding entities in your data layer. We might have an "empty" document, or lists with no items, or a representation composed entirely of default values. Those are all fine.
Search results are one obvious answer: you ask google, or stack overflow, for a representation of a list of documents, and at the time the list of documents is empty. So we get a representation of an empty list of documents, and the status code is... 200.
Loosely: 200 means "this is the current answer to your question", where 4xx means "I can't answer your question right now", and 404 is something more specific "I can't answer your question right now, because I have no idea what you are talking about".
Example:
https://www.youtube.com/watch?v=00000
What response do we get from the server if we try to GET that resource? What comes back (today: 2023-05-26) is a 200 response with a document that says "This video isn't available anymore". Why? because that's the current representation of the resource, and the 200 status code tells HTTP that the representation in the body of the response is the representation of the resource.
Notice: your web browser didn't get confused by that at all.
The larger idea: the status code is metadata of the transfer-of-documents-over-a-network domain. 200 tells us that we have successfully retrieved the document. Now we read the document to find out what's going on at the domain level, choosing the appropriate logical branch depending on the information that we find in the successfully retrieved document.
Or expressed another way: we should not (generally) repurpose HTTP metadata for our bespoke application.
答案2
得分: 3
在REST建模中,每个端点代表一个资源。
因此,api/user/1和api/latest-user都代表可以从服务器获取的资源。api/latest-user不应被视为一个独立于其可能返回的任何结果的函数。概念模型与SOAP等RPC风格相比更加扁平和简单。
在系统中没有用户资源的情况下,很明显,由api/latest-user表示的资源是'未找到',404将是一个语义上正确的状态代码,就像按ID查找一样。
比语义更重要的可能是API的易用性!如果对api/latest-user的GET请求可以返回200和空响应体,或者返回200和序列化的用户,那么它将导致客户端流控制困难。他们将需要查看响应体的流以确定他们是否将获得有效的记录,或者可能会削弱响应的类型以进行在类型安全语言中的反序列化,例如[null|User]。如果他们从状态代码中知道资源不存在,他们甚至不需要开始读取响应体。
相反,如果资源是一个集合,例如api/user,那么返回200和空列表将是语义上合适的,因为集合就是资源,而且无论其长度如何,它都存在。
英文:
In REST modelling every endpoint represents a resource.
So both api/user/1 and api/latest-user represent resources that can be fetched from the server. api/latest-user should not be considered a function to be called where the function has its own existence independently of any results it might return. The conceptual model is flatter and simpler compared to to RPC styles like SOAP.
At a point in time where there are no user resources in the system, it is straightforward that the resource represented by api/latest-user is 'Not Found', and 404 would be a semantically correct status code, just as it is correct for a lookup by ID.
Probably more important than the semantics is the ease of use of your API! It will cause clients flow control difficulties if GET requests to 'api/latest-user' could return return either 200 with an empty body, or 200 with a serialized user. They will need to peek the stream of the response body in order to determine whether they are going to get a valid record, or possibly weaken the type of the response to [null|User] for deserializing in typesafe languages. If they knew the resource did not exist straight up from the status code they wouldn't even need to start reading the body.
Conversly if the resource were a collection e.g. api/user then returning 200 with an empty list would be semantically appropriate, as the collection is the resource and it exists, regardless of its length.
答案3
得分: 2
关于在搜索不存在的最新用户资源时是否返回404或带有空结果的200响应的决定可以根据您的具体用例和客户的期望而有所不同。没有普遍正确或错误的答案,但以下是一些考虑因素,可以帮助您做出明智的决策:
一致性:通常在API设计中追求一致性是一个好的实践。如果您在按ID搜索用户时返回404,那么在搜索不存在的最新用户资源时返回404可能更一致。这样,客户端可以在两种情况下期望类似的响应格式和状态代码。
客户期望:考虑您的API客户的期望和要求。如果客户可能会将带有空结果的200响应解释为成功的请求,那么返回404来指示请求的资源不存在可能更合适。这有助于防止客户端产生误解或不正确的假设。
错误处理:返回404表示不存在的最新用户资源可以被视为一种错误处理方式,表明请求的资源不可用。然而,如果最新用户资源的缺失在您的系统中不被视为错误而是有效响应,那么返回带有空结果的200可能更合适。
为增强清晰度并减少误解,您可以在API文档中记录API的行为,或向客户提供有关如何解释不同场景下响应的明确指南。此外,您可以考虑在响应有效载荷中包含附加信息,例如错误消息或元数据,以在未找到资源时提供更多上下文。
最终,返回404或带有空结果的200之间的选择应与您的API消费者的设计原则和期望保持一致,以确保清晰和一致的体验。
英文:
The decision of whether to return a 404 or a 200 response with empty results when searching for the latest user resource that doesn't exist can vary depending on your specific use case and the expectations of your clients. There isn't a universally right or wrong answer, but here are some considerations to help you make an informed decision:
Consistency: It's generally a good practice to strive for consistency in your API design. If you return a 404 when searching for a user by ID, it might be more consistent to return a 404 when searching for the latest user resource that doesn't exist. This way, the client can expect a similar response format and status code in both cases.
Client Expectations: Consider the expectations and requirements of your API clients. If clients are likely to interpret a 200 response with empty results as a successful request, it might be more appropriate to return a 404 to indicate that the requested resource doesn't exist. This can help prevent misunderstandings or incorrect assumptions on the client side.
Error Handling: Returning a 404 for the latest user resource that doesn't exist can be seen as a form of error handling, indicating that the requested resource is not available. However, returning a 200 with empty results might be more suitable if the absence of a latest user resource is not considered an error but a valid response in your system.
To enhance clarity and minimize misunderstanding, you could document your API's behavior in the API documentation or provide clear guidelines to clients on how to interpret the responses for different scenarios. Additionally, you can consider including additional information in the response payload, such as an error message or metadata, to provide more context when a resource is not found.
Ultimately, the choice between returning a 404 or a 200 with empty results should align with the design principles and expectations of your API consumers, ensuring a clear and consistent experience.
答案4
得分: 1
以下是翻译好的内容:
一种观点(在其他很多好的观点中之一)可能如下所述:
我假设您是通过“GET”方法进行请求的。这可以解释您的问题的本质:哪种代码、内容/无内容。
一个选项是通过“HEAD”方法开始每个请求,通常不返回任何内容,但允许测试资源的可用性。
因此,如果有内容要发送,服务器应该以“200 OK”代码回应,如果没有内容,则以“204无内容”回应。
在这一点上,如果收到“200”响应,您可以发出常规的“GET”请求,或者通知最终用户这里没有可查看的内容。
英文:
One point of view (among good other ones), would be as follow:
I assume you are doing requests via the GET method. It could explain the essence of your question: which code, content / no content.
It would be an option to start each request via the HEAD method, which generally does not return any content, but permits to test the availability of the resource.
The server should so answer with a 200 OK code if there is content to send, or with 204 no content if not.
At this point you can make a regular GET request if you received a 200 response, or inform the end user that there is nothing to view here.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论