get_ssl_endpoints returns 403 if no endpoints present #59
Comments
|
I'll push the report upstream. |
|
@neilmiddleton - this is actually intended, albeit poorly documented behavior. An empty list indicates that you have the ssl add-on, but none configured. Due to billing and stuff it is useful to make this distinction and/or require the add-on to be installed to operate on endpoints. So closing because I think having that distinction is of use. Perhaps we can/should improve messaging around it though (ie if the message body is unclear). |
|
So, a Forbidden status should be taken as a 'nothing to see here' message? Is there not something better we can use? |
|
403 makes sense, but I can see a case for 404 as well |
|
I think the problem here is that the error is returned in exactly the same way as the standard 403 or 404 would be for a bad API request, giving you (as it did me) a misleading answer that sends you off down the wrong debugging path. If ppl are happy with 403 we'll go with that, but it caught me out, so surely must get others. |
|
Yeah, I made a note for brandur to look into the body/messaging there to help. 402 might arguably be more appropriate. We use this already when you try to do things that cost money without having validated stuff. That seems more like this case than 403 (which seems to imply you don't have access to that particular app). |
For some reason, running get_ssl_endpoints against an app with no endpoints added returns a HTTP 403 which is misleading.
I am authorised, there's just no endpoints. Surely an empty array or something needs to be returned here?
The text was updated successfully, but these errors were encountered: